How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
Ciphers with Arbitrary Finite Domains
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
Provable Security for Block Ciphers by Decorrelation
STACS '98 Proceedings of the 15th Annual Symposium on Theoretical Aspects of Computer Science
(Not So) Random Shuffles of RC4
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
On the Construction of Block Ciphers Provably Secure and Not Relying on Any Unproved Hypotheses
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
New Results on Pseudorandom Permutation Generators Based on the DES Scheme
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Generalized Birthday Arracks on Unbalanced Feistel Networks
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
On the Pseudorandomness of Top-Level Schemes of Block Ciphers
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Generic Attacks on Feistel Schemes
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proceedings of the Third International Workshop on Fast Software Encryption
Unbalanced Feistel Networks and Block Cipher Design
Proceedings of the Third International Workshop on Fast Software Encryption
Two Practical and Provably Secure Block Ciphers: BEARS and LION
Proceedings of the Third International Workshop on Fast Software Encryption
About Feistel Schemes with Six (or More) Rounds
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
How to Encipher Messages on a Small Domain
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Selected Areas in Cryptography
A simplified and generalized treatment of Luby-Rackoff pseudorandom permutation generators
EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
The security of many-round Luby-Rackoff pseudo-random permutations
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Indistinguishability amplification
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Generic attacks on unbalanced Feistel schemes with expanding functions
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
On Lai---Massey and quasi-Feistel ciphers
Designs, Codes and Cryptography
Generic attacks on unbalanced feistel schemes with contracting functions
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
On permutation layer of type 1, source-heavy, and target-heavy generalized feistel structures
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
INDOCRYPT'11 Proceedings of the 12th international conference on Cryptology in India
An asymptotically tight security analysis of the iterated even-mansour cipher
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Hi-index | 0.00 |
We prove beyond-birthday-bound security for most of the well-known types of generalized Feistel networks: (1) unbalanced Feistel networks, where the n-bit to m-bit round functions may have n ≠ m; (2) alternating Feistel networks, where the round functions alternate between contracting and expanding; (3) type-1, type-2, and type-3 Feistel networks, where n-bit to n-bit round functions are used to encipher kn-bit strings for some k ≥ 2; and (4) numeric variants of any of the above, where one enciphers numbers in some given range rather than strings of some given size. Using a unified analytic framework, we show that, in any of these settings, for any ε 0, with enough rounds, the subject scheme can tolerate CCA attacks of up to q ∼ N1-ε adversarial queries, where N is the size of the round functions' domain (the larger domain for alternating Feistel). Prior analyses for most generalized Feistel networks established security to only q ∼ N0.5 queries.