In this paper, we first prove beyond-birthday-bound security for the Misty structure. Specifically, we show that an r-round Misty structure is secure against CCA attacks up to $O(2^{\frac{rn}{r+7}})$ query complexity, where n is the size of each round permutation. So for any ε>0, a sufficient number of rounds would guarantee the security of the Misty structure up to $2^{n(1-\epsilon)}$ query complexity.
Linear complexity profile and correlation measure of order k are important pseudorandomness measures for sequences used in cryptography. We study both measures for a class of binary sequences called Legendre-Sidelnikov sequences. The proofs involve character sums.
In this paper, we study the security of the Misty structure, where each round function is chosen at random from the set of involutions. Based on the game-playing framework, we prove the pseudorandomness of the 3-round R-Misty structure and the 4-round L-Misty structure as well as the super-pseudorandomness of the 5-round R-Misty structure for m
It is known that a super-pseudorandom permutation can be constructed from a pseudorandom function f and two universal hash functions, h and h′. It is a four-round Feistel permutation denoted by $\phi(h_k, f, f, h'_{k'})$. In this paper, we show how to re-use the secret key for f in this construction. Specifically, we show that (1) the same key can be used for both h and h′, and (2) the key for h and h′ can be derived from f. As a result, our construction requires only the key for f as a secret key, and it preserves computational efficiency and security. We show the full security proof of our construction. Also, we derive a similar result for a five-round MISTY-type permutation.
Tetsu IWATA Tohru YAGI Kaoru KUROSAWA
KASUMI is a block cipher which has been adopted as a standard of 3GPP. In this paper, we study the pseudorandomness of idealized KASUMI type permutations for adaptive adversaries. We show that the four-round version is pseudorandom and the six-round version is super-pseudorandom.
It is known that a super-pseudorandom permutation on 2n bits can be obtained from a random function f on n bits and two bi-symmetric and AXU hash functions h1 and h2 on n bits. It has a Feistel type structure which is usually denoted by φ(h1, f, f, h2). Bi-symmetric and AXU hash functions h1, h2 are much weaker primitives than a random function f and they can be computed much faster than random functions. This paper shows that we can further weaken the condition on h1.
Tetsu IWATA Tomonobu YOSHINO Tomohiro YUASA Kaoru KUROSAWA
The security of an iterated block cipher heavily depends on its structure as well as each round function. Matsui showed that MISTY type structure is faster and more robust than Feistel structure in terms of its resistance against linear and differential cryptanalysis. On the other hand, Luby and Rackoff proved that the four round Feistel structure is super-pseudorandom if each round function fi is a random function. This paper proves that the five round MISTY type structure is super-pseudorandom. We also characterize its round security.