Efficient and Optimally Secure Key-Length Extension for Block Ciphers Via Randomized Cascading

Date Added: Mar 2012
Format: PDF

The authors consider the question of efficiently extending the key length of block ciphers. To date, the approach providing highest security is triple encryption (used e.g., in Triple-DES), which was proved to have roughly k + minfn=2; k=2g bits of security when instantiated with ideal block ciphers with key length k and block length n, at the cost of three block-cipher calls per message block. This paper presents a new practical key-length extension scheme exhibiting k + n=2 bits of security - hence improving upon the security of triple encryption - solely at the cost of two block cipher calls and a key of length k+n.