
Luby-Rackoff Ciphers from Weak Round Functions?


Executive Summary

The Feistel network is a popular structure underlying many block ciphers, in which the cipher is constructed from many simpler rounds, each defined by some function derived from the secret key. Luby and Rackoff showed that the three-round Feistel network, with each round instantiated with a pseudorandom function secure against adaptive chosen-plaintext attacks (CPA), is a CPA-secure pseudorandom permutation, thus giving some confidence in the soundness of using a Feistel network to design block ciphers. But the round functions used in actual block ciphers are, for efficiency reasons, far from being pseudorandom.
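The three-round construction described above, as an added example that is not code from the paper. Truncated HMAC-SHA256 stands in for the pseudorandom round function (an assumption), `weak_round` is a constructed linear round function, and all names, keys and blocks are hypothetical. The network stays invertible with either round function, but with the linear one it collapses to XOR with a key-dependent constant.

```python
import hashlib
import hmac

HALF = 16  # bytes per half-block (constructed parameter)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def prf_round(key: bytes, half: bytes) -> bytes:
    """Round function assumed pseudorandom: truncated HMAC-SHA256."""
    return hmac.new(key, half, hashlib.sha256).digest()[:HALF]

def weak_round(key: bytes, half: bytes) -> bytes:
    """Deliberately weak (linear) round function: input XOR key."""
    return xor(half, key)

def encrypt(keys, block: bytes, f=prf_round) -> bytes:
    """Each round maps (L, R) to (R, L xor f(k, R))."""
    if len(block) != 2 * HALF:
        raise ValueError("block must be 2*HALF bytes")
    left, right = block[:HALF], block[HALF:]
    for k in keys:
        left, right = right, xor(left, f(k, right))
    return left + right

def decrypt(keys, block: bytes, f=prf_round) -> bytes:
    """Undo the rounds in reverse key order; f itself is never inverted."""
    if len(block) != 2 * HALF:
        raise ValueError("block must be 2*HALF bytes")
    left, right = block[:HALF], block[HALF:]
    for k in reversed(keys):
        left, right = xor(right, f(k, left)), left
    return left + right

def xor_difference_preserved(keys, x: bytes, y: bytes, f) -> bool:
    """True when E(x) xor E(y) == x xor y, which a random
    permutation satisfies only with negligible probability."""
    return xor(encrypt(keys, x, f), encrypt(keys, y, f)) == xor(x, y)

# Constructed sample round keys and plaintext blocks.
KEYS = [hashlib.sha256(b"round-%d" % i).digest()[:HALF] for i in range(3)]
X = bytes(range(32))
Y = bytes(range(32, 64))

if __name__ == "__main__":
    print("weak round distinguishable:", xor_difference_preserved(KEYS, X, Y, weak_round))
    print("PRF round distinguishable: ", xor_difference_preserved(KEYS, X, Y, prf_round))
```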

  • Format: PDF
  • Size: 320.4 KB