Pseudorandom Functions and Permutations Provably Secure Against Related-Key Attacks

Executive Summary

This paper fills an important foundational gap with the first proofs, under standard assumptions and in the standard model, of the existence of Pseudorandom Functions (PRFs) and Pseudorandom Permutations (PRPs) resisting rich and relevant forms of Related-Key Attacks (RKA). An RKA allows the adversary to query the function not only under the target key but also under other keys derived from it in adversary-specified ways. Based on the Naor-Reingold PRF, the authors obtain an RKA-PRF whose keyspace is a group and that is proven, under DDH, to resist attacks in which the key may be operated on by arbitrary adversary-specified group elements.

  • Format: PDF
  • Size: 313.59 KB