How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
On the construction of pseudo-random permutations: Luby-Rackoff revisited (extended abstract)
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
OCB: a block-cipher mode of operation for efficient authenticated encryption
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
The Security of All-or-Nothing Encryption: Protecting against Exhaustive Key Search
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Construction of a Cioher From a Single Pseudorandom Permutation
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Short Signatures in the Random Oracle Model
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
The Random Oracle Model and the Ideal Cipher Model Are Equivalent
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Beyond-Birthday-Bound Security Based on Tweakable Block Cipher
Fast Software Encryption
Distinguisher and Related-Key Attack on the Full AES-256
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Related-Key Cryptanalysis of the Full AES-192 and AES-256
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Message authentication on 64-bit architectures
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Invertible universal hashing and the TET encryption mode
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
HCH: a new tweakable enciphering scheme using the hash-encrypt-hash approach
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
HCTR: a variable-input-length enciphering mode
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
A new mode of encryption providing a tweakable strong pseudo-random permutation
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
The ideal-cipher model, revisited: an uninstantiable blockcipher-based hash function
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Merkle-Damgård revisited: how to construct a hash function
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
On the relation between the ideal cipher and the random oracle models
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Building blockcipher from tweakable blockcipher: extending FSE 2009 proposal
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
On the public indifferentiability and correlation intractability of the 6-round feistel construction
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Hi-index | 0.00 |
We describe the first domain extender for ideal ciphers, i.e. we show a construction that is indifferentiable from a 2n-bit ideal cipher, given a n-bit ideal cipher. Our construction is based on a 3-round Feistel, and is more efficient than first building a n-bit random oracle from a n-bit ideal cipher (as in [9]) and then a 2n-bit ideal cipher from a n-bit random oracle (as in [10], using a 6-round Feistel). We also show that 2 rounds are not enough for indifferentiability by exhibiting a simple attack. We also consider our construction in the standard model: we show that 2 rounds are enough to get a 2n-bit tweakable block-cipher from a n-bit tweakable block-cipher and we show that with 3 rounds we can get beyond the birthday security bound.