CryptoDB
Revisiting Key-Alternating Feistel Ciphers for Shorter Keys and Multi-user Security
| Authors: | |
|---|---|
| Download: | |
| Presentation: | Slides |
| Conference: | ASIACRYPT 2018 |
| Abstract: | Key-Alternating Feistel (KAF) ciphers, a.k.a. Feistel-2 models, refer to Feistel networks with round functions of the form $$F_i(k_i\oplus x_i)$$, where $$k_i$$ is the (secret) round-key and $$F_i$$ is a public random function. This model roughly captures the structures of many famous Feistel ciphers, and the most prominent instance is DES.Existing provable security results on KAF assumed independent round-keys and round functions (ASIACRYPT 2004 & FSE 2014). In this paper, we investigate how to achieve security under simpler and more realistic assumptions: with round-keys derived from a short main-key, and hopefully with identical round functions.For birthday-type security, we consider 4-round KAF, investigate the minimal conditions on the way to derive the four round-keys, and prove that when such adequately derived keys and the same round function are used, the 4-round KAF is secure up to $$2^{n/2}$$ queries.For beyond-birthday security, we focus on 6-round KAF. We prove that when the adjacent round-keys are independent, and independent round-functions are used, the 6 round KAF is secure up to $$2^{2n/3}$$ queries. To our knowledge, this is the first beyond-birthday security result for KAF without assuming completely independent round-keys.Our results hold in the multi-user setting as well, constituting the first non-trivial multi-user provable security results on Feistel ciphers. We finally demonstrate applications of our results on designing key-schedules and instantiating keyed sponge constructions. |
BibTeX
@inproceedings{asiacrypt-2018-29143,
title={Revisiting Key-Alternating Feistel Ciphers for Shorter Keys and Multi-user Security},
booktitle={Advances in Cryptology – ASIACRYPT 2018},
series={Lecture Notes in Computer Science},
publisher={Springer},
volume={11272},
pages={213-243},
doi={10.1007/978-3-030-03326-2_8},
author={Chun Guo and Lei Wang},
year=2018
}