How to construct random functions
Journal of the ACM (JACM)
How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
On the construction of pseudo-random permutations: Luby-Rackoff revisited (extended abstract)
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
Improved security bounds for pseudorandom permutations
Proceedings of the 4th ACM conference on Computer and communications security
Pseudorandomness and Cryptographic Applications
Information-Theoretic Cryptography
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Stateless Evaluation of Pseudorandom Functions: Security beyond the Birthday Barrier
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
New Results on Pseudorandom Permutation Generators Based on the DES Scheme
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Indistinguishability of Random Systems
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
A simplified and generalized treatment of Luby-Rackoff pseudorandom permutation generators
EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
The security of many-round Luby-Rackoff pseudo-random permutations
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
A proof of security in $O(2^n)$ for the Benes scheme
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Domain extension for MACs beyond the birthday barrier
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
In [1], W. Aiello and R. Venkatesan have shown how to construct pseudo-random functions of $2n$ bits $\to 2n$ bits from pseudo-random functions of $n$ bits $\to n$ bits. They claimed that their construction, called "Benes", reaches the optimal bound ($m \ll 2^n$) of security against adversaries with unlimited computing power but limited to $m$ queries in an Adaptive Chosen Plaintext Attack (CPA-2). However, a complete proof of this result is not given in [1], since one of the assertions of [1] is wrong. Due to this, the proof given in [1] is valid for most attacks, but not for all possible Chosen Plaintext Attacks. In this paper we will, in a way, fix this problem, since for all $\varepsilon > 0$ we will prove CPA-2 security when $m \ll 2^{n(1-\varepsilon)}$. However, we will also see that the probability to distinguish Benes functions from random functions is sometimes larger than the term in $\frac{m^2}{2^{2n}}$ given in [1]. One of the key ideas in our proof will be to notice that, when $m \gg 2^{2n/3}$ and $m \ll 2^n$, for a large number of variables linked by some critical equalities, the average number of solutions may be large (i.e. $\gg 1$) while, at the same time, the probability of having at least one such critical equality is negligible (i.e. $\ll 1$). (An extended version of this paper is available from the authors.)