
On the Pseudorandomness of the AES Finalists - RC6 and Serpent

  • Tetsu Iwata
  • Kaoru Kurosawa
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1978)

Abstract

Luby and Rackoff idealized DES by replacing each round function with one large random function. In this paper, we introduce a primitive-wise idealization in which some of the primitive operations of the round function are left untouched and some of them are replaced with small random functions or permutations. We then prove that a four-round primitive-wise idealized RC6 is not a pseudorandom permutation and a three-round primitive-wise idealized Serpent is a superpseudorandom permutation.

References

  1. R. Anderson, E. Biham and L. Knudsen. Serpent: a proposal for the Advanced Encryption Standard. AES proposal, available on: http://www.cl.cam.ac.uk/~rja14/serpent.html.
  2. C. Burwick, D. Coppersmith, E. D'Avignon, R. Gennaro, S. Halevi, C. Jutla, S. M. Matyas Jr., L. O'Connor, M. Peyravian, D. Safford and N. Zunic. MARS-a candidate cipher for AES. AES proposal, available on: http://www.research.ibm.com/security/mars.html.
  3. J. Daemen and V. Rijmen. AES proposal: Rijndael. AES proposal, available on: http://www.esat.kuleuven.ac.be/~rijmen/rijndael/.
  4. M. Luby and C. Rackoff. How to construct pseudorandom permutations from pseudorandom functions. SIAM Journal on Computing, volume 17, number 2, pages 373–386, April 1988.
  5. U. M. Maurer. A simplified and generalized treatment of Luby-Rackoff pseudorandom permutation generators. Advances in Cryptology-Eurocrypt '92, Lecture Notes in Computer Science, volume 658, pages 239–255, Springer-Verlag, 1992.
  6. R. L. Rivest, M. J. B. Robshaw, R. Sidney and Y. L. Yin. The RC6 Block Cipher. v1.1. AES proposal, available on: http://www.rsa.com/rsalabs/aes/.
  7. B. Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall and N. Ferguson. Twofish: a 128-bit block cipher. AES proposal, available on: http://www.counterpane.com/twofish.html.
  8. S. Vaudenay and S. Moriai. Comparison of the randomness provided by some AES candidates. Rump session at AES2.

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Tetsu Iwata (1)
  • Kaoru Kurosawa (1)
  1. Department of Electrical and Electronic Engineering, Faculty of Engineering, Tokyo Institute of Technology, Tokyo, Japan
