How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
On the Round Security of Symmetric-Key Cryptographic Primitives
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Indistinguishability of Random Systems
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Optimal Security Proofs for PSS and Other Signature Schemes
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Short Signatures in the Random Oracle Model
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficiency improvements for signature schemes with tight security reductions
Proceedings of the 10th ACM conference on Computer and communications security
Feistel Networks Made Public, and Applications
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
The Random Oracle Model and the Ideal Cipher Model Are Equivalent
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Salvaging Merkle-Damgård for Practical Applications
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
The exact security of digital signatures - how to sign with RSA and Rabin
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
A simplified and generalized treatment of Luby-Rackoff pseudorandom permutation generators
EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
Known-key distinguishers for some block ciphers
ASIACRYPT'07 Proceedings of the Advances in Cryptology 13th international conference on Theory and application of cryptology and information security
The equivalence of the random oracle model and the ideal cipher model, revisited
Proceedings of the forty-third annual ACM symposium on Theory of computing
Careful with composition: limitations of the indifferentiability framework
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Multi-property-preserving hash domain extension and the EMD transform
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
A domain extender for the ideal cipher
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Optimal asymmetric encryption and signature paddings
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Merkle-Damgård revisited: how to construct a hash function
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
On the relation between the ideal cipher and the random oracle models
TCC'06 Proceedings of the Third conference on Theory of Cryptography
We show that the Feistel construction with six rounds and random round functions is publicly indifferentiable from a random invertible permutation (a result that is not known to hold for full indifferentiability). Public indifferentiability (pub-indifferentiability for short) is a variant of indifferentiability introduced by Yoneyama et al. [29] and Dodis et al. [12] in which the simulator knows all queries made by the distinguisher to the primitive it tries to simulate. It is useful for arguing the security of cryptosystems where all the queries to the ideal primitive are public (as, e.g., in many digital signature schemes). To prove the result, we introduce a new and simpler variant of indifferentiability, which we call sequential indifferentiability (seq-indifferentiability for short), and show that this notion is in fact equivalent to pub-indifferentiability for stateless ideal primitives. We then prove that the 6-round Feistel construction is seq-indifferentiable from a random invertible permutation. We also observe that sequential indifferentiability implies correlation intractability, so that the Feistel construction with six rounds and random round functions yields a correlation intractable invertible permutation, a notion we define analogously to the correlation intractable functions introduced by Canetti et al. [4].
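
The object the abstract studies, as an added Python sketch that is not code from the paper: a six-round Feistel network whose round functions are independent, lazily sampled random functions, with an exhaustive check that it is an invertible permutation on a toy block size. The class and function names, the round convention (a, b) -> (b, a XOR F_i(b)), and the 4-bit half-block size are assumptions chosen for illustration.

```python
import secrets

ROUNDS = 6  # number of rounds in the result stated above


class RandomFunction:
    """Lazily sampled uniformly random function on n-bit strings."""

    def __init__(self, n_bits):
        self.n_bits = n_bits
        self.table = {}  # input -> output, filled on first query

    def __call__(self, x):
        if x not in self.table:
            self.table[x] = secrets.randbits(self.n_bits)
        return self.table[x]


class Feistel6:
    """Six-round Feistel network on 2n-bit blocks, given as two n-bit halves."""

    def __init__(self, n_bits):
        self.n_bits = n_bits
        self.round_functions = [RandomFunction(n_bits) for _ in range(ROUNDS)]

    def forward(self, left, right):
        a, b = left, right
        for f in self.round_functions:
            a, b = b, a ^ f(b)  # one round: (a, b) -> (b, a XOR F_i(b))
        return a, b

    def inverse(self, left, right):
        a, b = left, right
        for f in reversed(self.round_functions):
            a, b = b ^ f(a), a  # undo one round with the same F_i
        return a, b


def is_invertible_permutation(cipher):
    """Exhaustively check bijectivity and forward/inverse agreement."""
    size = 1 << cipher.n_bits
    seen = set()
    for left in range(size):
        for right in range(size):
            out = cipher.forward(left, right)
            if cipher.inverse(*out) != (left, right):
                return False
            seen.add(out)
    return len(seen) == size * size
```

The check holds for any choice of round functions, since each Feistel round is invertible on its own; the indifferentiability statements concern how the whole network behaves when the round functions are also queryable, which this sketch does not test.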