On generalized Feistel networks

Authors:
Viet Tung Hoang;Phillip Rogaway
Affiliations:
Dept. of Computer Science, University of California, Davis;Dept. of Computer Science, University of California, Davis
Venue:
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Year:
2010

Citing 22
Cited 3

How to construct pseudorandom permutations from pseudorandom functions

SIAM Journal on Computing - Special issue on cryptography
Ciphers with Arbitrary Finite Domains

CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
Provable Security for Block Ciphers by Decorrelation

STACS '98 Proceedings of the 15th Annual Symposium on Theoretical Aspects of Computer Science
(Not So) Random Shuffles of RC4

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
On the Construction of Block Ciphers Provably Secure and Not Relying on Any Unproved Hypotheses

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
New Results on Pseudorandom Permutation Generators Based on the DES Scheme

CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Generalized Birthday Arracks on Unbalanced Feistel Networks

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Generalized Feistel Networks

ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
On the Pseudorandomness of Top-Level Schemes of Block Ciphers

ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Generic Attacks on Feistel Schemes

ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Faster Luby-Rackoff Ciphers

Proceedings of the Third International Workshop on Fast Software Encryption
Unbalanced Feistel Networks and Block Cipher Design

Proceedings of the Third International Workshop on Fast Software Encryption
Two Practical and Provably Secure Block Ciphers: BEARS and LION

Proceedings of the Third International Workshop on Fast Software Encryption
About Feistel Schemes with Six (or More) Rounds

FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
How to Encipher Messages on a Small Domain

CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Format-Preserving Encryption

Selected Areas in Cryptography
A simplified and generalized treatment of Luby-Rackoff pseudorandom permutation generators

EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
The security of many-round Luby-Rackoff pseudo-random permutations

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Indistinguishability amplification

CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Generic attacks on unbalanced Feistel schemes with expanding functions

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
On Lai---Massey and quasi-Feistel ciphers

Designs, Codes and Cryptography
Generic attacks on unbalanced feistel schemes with contracting functions

ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security

On permutation layer of type 1, source-heavy, and target-heavy generalized feistel structures

CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Mars attacks! revisited: differential attack on 12 rounds of the MARS core and defeating the complex MARS key-schedule

INDOCRYPT'11 Proceedings of the 12th international conference on Cryptology in India
An asymptotically tight security analysis of the iterated even-mansour cipher

ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We prove beyond-birthday-bound security for most of the well-known types of generalized Feistel networks: (1) unbalanced Feistel networks, where the n-bit to m-bit round functions may have n ≠ m; (2) alternating Feistel networks, where the round functions alternate between contracting and expanding; (3) type-1, type-2, and type-3 Feistel networks, where n-bit to n-bit round functions are used to encipher kn-bit strings for some k ≥ 2; and (4) numeric variants of any of the above, where one enciphers numbers in some given range rather than strings of some given size. Using a unified analytic framework, we show that, in any of these settings, for any ε 0, with enough rounds, the subject scheme can tolerate CCA attacks of up to q ∼ N1-ε adversarial queries, where N is the size of the round functions' domain (the larger domain for alternating Feistel). Prior analyses for most generalized Feistel networks established security to only q ∼ N0.5 queries.