Abstract
In [1], W. Aiello and R. Venkatesan have shown how to construct pseudorandom functions of 2n bits → 2n bits from pseudorandom functions of n bits → n bits. They claimed that their construction, called “Benes” reaches the optimal bound (m ≪ 2n) of security against adversaries with unlimited computing power but limited by m queries in an Adaptive Chosen Plaintext Attack (CPA-2). This result may have many applications in Cryptography (cf [1,19,18] for example). However, as pointed out in [18] a complete proof of this result is not given in [1] since one of the assertions in [1] is wrong. It is not easy to fix the proof and in [18], only a weaker result was proved, i.e. that in the Benes Schemes we have security when m ≪ f(ε) ·2n − ε, where f is a function such that lim ε→0 f(ε) = + ∞ (f depends only of ε, not of n). Nevertheless, no attack better than in O(2n) was found. In this paper we will in fact present a complete proof of security when m ≪ O(2n) for the Benes Scheme, with an explicit O function. Therefore it is possible to improve all the security bounds on the cryptographic constructions based on Benes (such as in [19]) by using our O(2n) instead of f(ε) ·2n − ε of [18].
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Aiello, W., Venkatesan, R.: Foiling Birthday Attacks in Length-Doubling Transformations - Benes: a non-reversible alternative to Feistel. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 307–320. Springer, Heidelberg (1996)
Bellare, M., Goldreich, O., Krawczyk, H.: Stateless evaluation of pseudorandom functions: Security beyond the birthday barrier. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, Springer, Heidelberg (1999)
Bellare, M., Impagliazzio, R.: A Tool for Obtaining Tighter Security Analysis of Pseudorandom Based Constructions, with Applications to PRP to PRF Conversion,Cryptology ePrint archive: 19995/024: Listing for 1999
Damgård, I.: Design Principles of Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, Springer, Heidelberg (1990)
Goldreich, O., Goldwasser, S., Micali, S.: How to Construct Random Functions. JACM 33, 792–807 (1986)
Luby, M.: Pseudorandomness and Its Cryptographic Applications. In: Princeton Computer Science Notes, Princeton University Press, Princeton
Luby, M., Rackoff, C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM Journal on Computing 17(2), 373–386 (1988)
Lucks, S.: The Sum of PRP Is a Secure PRF. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 470–487. Springer, Heidelberg (2000)
Maurer, U.: A simplified and Generalized Treatment of Luby-Rackoff Pseudorandom Permutation Generators. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 239–255. Springer, Heidelberg (1993)
Maurer, U.: Information-Theoretic Cryptography. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 47–64. Springer, Heidelberg (1999)
Maurer, U.: Indistinguishability of Random Systems. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 110–132. Springer, Heidelberg (2002)
Maurer, U., Pietrzak, K.: The security of Many-Round Luby-Rackoff Pseudo-Random Permutations. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 544–561. Springer, Heidelberg (2003)
Naor, M., Reingold, O.: On the construction of pseudo-random permutations: Luby-Rackoff revisited. Journal of Cryptology 12, 29–66 (1997); In: Proc. 29th ACM Symp. on Theory of Computing, pp. 189–199 (1997) (extented abstract)
Patarin, J.: New results on pseudo-random permutation generators based on the DES scheme. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 301–312. Springer, Heidelberg (1992)
Patarin, J.: Improved security bounds for pseudorandom permutations. In: 4th ACM Conference on Computer and Communications Security, Zurich, April 1-4, 1997, pp. 142–150. ACM Press, New York (1997)
Patarin, J.: Luby-Rackoff: 7 rounds are Enough for 2n(1 − ε) Security. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 513–529. Springer, Heidelberg (2003)
Patarin, J.: Security of Random Feistel Schemes with 5 or more rounds. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 106–122. Springer, Heidelberg (2004)
Patarin, J., Montreuil, A.: Benes and Butterfly Schemes Revisited. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 92–116. Springer, Heidelberg (2006)
Patarin, J., Camion, P.: Design of near-optimal pseudorandom permutations in the information-theoretic model, Cryptology ePrint archive: 2005/153: Listing for 2005
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Patarin, J. (2008). A Proof of Security in O(2n) for the Benes Scheme. In: Vaudenay, S. (eds) Progress in Cryptology – AFRICACRYPT 2008. AFRICACRYPT 2008. Lecture Notes in Computer Science, vol 5023. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-68164-9_14
Download citation
DOI: https://doi.org/10.1007/978-3-540-68164-9_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68159-5
Online ISBN: 978-3-540-68164-9
eBook Packages: Computer ScienceComputer Science (R0)