Abstract
In [3] M. Luby and C. Rackoff have proved that 3-round random Feistel schemes are secure against all adaptative chosen plaintext attacks when the number of queries is m ≪ 2n/2. Moreover, 4-round random Feistel schemes are also secure against all adaptative chosen plaintext and chosen ciphertext attacks when m ≪ 2n/2. It was shown later that these bounds are tight for 3 and 4 rounds (see [9] or [1]).
In this paper our main results are that for every ε> 0, when m ≪ 2n(1 − ε):
-
for 4 rounds or more, a random Feistel scheme is secure against known plaintext attacks (KPA).
-
for 7 rounds or more it is secure against all adaptative chosen plaintext attacks (CPA).
-
for 10 rounds or more it is secure against all adaptative chosen plaintext and chosen ciphertext attacks (CPCA).
These results achieve the optimal value of m, since it is always possible to distinguish a random Feistel cipher from a truly random permutation with \(\mathcal{O}(2^n)\) queries, given sufficient computing power.
This paper solves an open problem of [1, 9] and [17]. It significantly improves the results of [13] that proves the security against only 2\(^{\frac{3n}{4}}\) queries for 6 rounds, and the results of [6] in which the 2n(1 − ε) security is only obtained when the number of rounds tends to infinity. The proof technique used in this paper is also of independent interest and can be applied to other schemes.
Chapter PDF
Similar content being viewed by others
References
Aiollo, W., Venkatesan, R.: Foiling Birthday Attacks in Length- Doubling Transformations - Benes: A Non-Reversible Alternative to Feistel. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 307–320. Springer, Heidelberg (1996)
Black, J., Rogaway, P.: Ciphers with Arbitrary Finite Domains. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 114–130. Springer, Heidelberg (2002)
Luby, M., Rackoff, C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM Journal on Computing 17(2), 373–386 (1988)
Maurer, U.: A simplified and generalized treatment of Luby-Rackoff pseudorandom permutation generators. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 239–255. Springer, Heidelberg (1993)
Maurer, U.: Indistinguishability of Random Systems. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 110–132. Springer, Heidelberg (2002)
Maurer, U., Pietrzak, K.: The Security of Many-Round Luby-Rackoff Pseudo- Random Permutations. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, Springer, Heidelberg (2003)
Naor, M., Reingold, O.: On the construction of pseudo-random permutations: Luby-Rackoff revisited. Journal of Cryptology 12, 29–66 (1999); Extended abstract was published. In: Proc. 29th Ann. ACM Symp. on Theory of Computing, pp. 189–199 (1997)
Patarin, J.: Pseudorandom Permutations based on the DES Scheme. In: Charpin, P., Cohen, G. (eds.) EUROCODE 1990. LNCS, vol. 514, pp. 193–204. Springer, Heidelberg (1991)
Patarin, J.: New results on pseudorandom permutation generators based on the DES scheme. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 301–312. Springer, Heidelberg (1992)
Patarin, J.: Etude des générateurs de permutations basés sur le schéma du DES. Ph. D. Thesis, Inria, Domaine de Voluceau, Le Chesnay, France (1991)
Patarin, J.: How to construct pseudorandom and super pseudorandom permutations from one single pseudorandom function. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 256–266. Springer, Heidelberg (1993)
Patarin, J.: Improved Security Bounds for Pseudorandom Permutations. In: 4th ACM Conference on Computer and Communications Security, April 2-4, Zurich, Switzerland, pp. 142–150 (1997)
Patarin, J.: About Feistel Schemes with Six (or More) Rounds. In: Fast Software Encryption 1998, pp. 103–121 (1998)
Patarin, J.: Generic Attacks on Feistel Schemes. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 222–238. Springer, Heidelberg (2001)
Patarin, J.: Luby-Rackoff: 7 Rounds are Enough for 2n(1 − ε) Security. Extended version of this paper. Available from the author
Patel, S., Ramzan, Z., Sundaram, G.: Toward making Luby-Rackoff ciphers optimal and practical. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, p. 171. Springer, Heidelberg (1999)
Pieprzyk, J.: How to construct pseudorandom permutations from Single Pseudorandom Functions. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 140–150. Springer, Heidelberg (1991)
Ramzan, Z., Reyzin, L.: On the Round Security of Symmetric-Key Cryptographic Primitives. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 376–393. Springer, Heidelberg (2000)
Schneier, B., Kelsey, J.: Unbalanced Feistel Networks and Block Cipher Design. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 121–144. Springer, Heidelberg (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Patarin, J. (2003). Luby-Rackoff: 7 Rounds Are Enough for 2n(1 − ε) Security. In: Boneh, D. (eds) Advances in Cryptology - CRYPTO 2003. CRYPTO 2003. Lecture Notes in Computer Science, vol 2729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45146-4_30
Download citation
DOI: https://doi.org/10.1007/978-3-540-45146-4_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40674-7
Online ISBN: 978-3-540-45146-4
eBook Packages: Springer Book Archive