How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
Differential cryptanalysis of the data encryption standard
Differential cryptanalysis of the data encryption standard
Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
New types of cryptanalytic attacks using related keys
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
On the Construction of Variable-Input-Length Ciphers
FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
A Classical Introduction to Cryptography: Applications for Communications Security
A Classical Introduction to Cryptography: Applications for Communications Security
Elastic block ciphers: the basic design
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Elastic block ciphers
Efficient constructions of variable-input-length block ciphers
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
Hi-index | 0.00 |
We analyze the security of elastic block ciphers against key-recovery attacks. An elastic version of a fixed-length block cipher is a variable-length block cipher that supports any block size in the range of one to two times the length of the original block. Our method for creating an elastic block cipher involves inserting the round function of the original cipher into a substitution-permutation network. In this paper, we form a polynomial-time reduction between the elastic and original versions of the cipher by exploiting the underlying network structure. We prove that the elastic version of a cipher is secure against a given key-recovery attack if the original cipher is secure against such an attack. Our analysis is based on the general structure of elastic block ciphers (i.e., the network's structure, the composition methods between rounds in the network and the keying methodology) and is independent of the specific cipher.