How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
On the construction of a random number generator and random function generators
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Impossibility and optimally results on constructing pseudorandom permutations (extended abstract)
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
On the security of Schnorr's pseudo random generator
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
How to construct pseudorandom permutations from single pseudorandom functions
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Luby-Rackoff Ciphers: Why XOR Is Not So Exclusive
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
New Results on Pseudorandom Permutation Generators Based on the DES Scheme
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Pseudorandom permutations based on the DES scheme
EUROCODE '90 Proceedings of the International Symposium on Coding Theory and Applications
On Necessary and Sufficient Conditions for the Construction of Super Pseudorandom Permutations
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Proceedings of the Third International Workshop on Fast Software Encryption
Improved security analysis of XEX and LRW modes
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Hybrid symmetric encryption using known-plaintext attack-secure components
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Hi-index | 0.00 |
It is known that a super-pseudorandom permutation on 2n bits can be obtained from a random function f on n bits and two bisymmetric and AXU hash functions h1 and h2 on n bits. It has a Feistel type structure which is usually denoted by φ(h1, f, f, h2). Bisymmetric and AXU hash functions h1, h2 are much weaker primitives than a random function f and they can be computed much faster than random functions. This paper shows that we can further weaken the condition on h1.