Abstract
We denote by ψ_k the permutation generator based on the DES scheme with k rounds, where the S-boxes are replaced by random independent functions. We denote by |P_1 − P_1*| (respectively |P_1 − P_1**|) the probability of distinguishing such a permutation from a random function (respectively from a random permutation) by means of a distinguishing circuit that has m oracle gates.
In 1988, M. Luby and C. Rackoff [1] proved that
At Eurocrypt 90, J. Pieprzyk wondered at the end of his paper [4] if that inequality could be improved. This is the problem we consider here. In particular, such an improvement could greatly reduce the length of the keys used in a “direct” application of these theorems to a cryptosystem.
Our main results will be:
1. For ψ_3 and ψ_4 there is no really tighter inequality than \( \leqslant \frac{m(m-1)}{2^n} \).
2. However, for ψ_5 (and hence for ψ_k, k ≥ 5), there is a much tighter inequality than Luby and Rackoff's. For example, for ψ_6, |P_1 − P_1*| and |P_1 − P_1**| are \( \leqslant \frac{12m}{2^n} + \frac{18m^3}{2^{2n}} \).
3. When m is very small (m = 2 or 3, for example) it is possible to give an explicit evaluation of the effect of the number of rounds k on the "better and better pseudorandomness" of ψ_k.
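The chosen-plaintext distinguisher that underlies item 1, as an added Python example (not code from the paper): it queries ψ_3 on m inputs that share a right half, and uses the fact that any collision on the left output half forces a linear relation on the right output halves, a relation a random permutation satisfies only with probability about 2^-n. All function names are the example's own, and the half-block width n is set to 8 bits so the random round functions fit in small tables; the run uses a fixed seed.

```python
import random

N = 8                      # half-block width n in bits; the block is 2n = 16 bits
MASK = (1 << N) - 1

def random_function(rng):
    """A random function {0,1}^n -> {0,1}^n, stored as a lookup table."""
    return [rng.randrange(1 << N) for _ in range(1 << N)]

def make_psi(k, rng):
    """psi_k: the k-round DES scheme whose round functions are k independent random functions."""
    fs = [random_function(rng) for _ in range(k)]
    def psi(left, right):
        for f in fs:                       # one Feistel round: (L, R) -> (R, L ^ f(R))
            left, right = right, left ^ f[right]
        return left, right
    return psi

def make_random_permutation(rng):
    """A uniformly random permutation of {0,1}^{2n}, the ideal object psi_k is compared with."""
    table = list(range(1 << (2 * N)))
    rng.shuffle(table)
    def perm(left, right):
        out = table[(left << N) | right]
        return out >> N, out & MASK
    return perm

def collision_distinguisher(oracle, m=1 << N, right=0):
    """m chosen-plaintext queries (L_i, R) with R fixed and the L_i distinct.
    For psi_3 the output is (S, T) with S = R ^ f2(L ^ f1(R)) and T = L ^ f1(R) ^ f3(S),
    so S_i == S_j forces T_i ^ T_j == L_i ^ L_j.  A random permutation obeys that
    relation on a colliding pair only with probability about 2^-n.
    Returns True when at least one S-collision was seen and every collision obeyed it."""
    seen = {}                              # S -> (L, T) of the first query that produced S
    collided = False
    for left in range(m):
        s, t = oracle(left, right)
        if s in seen:
            l0, t0 = seen[s]
            collided = True
            if t ^ t0 != left ^ l0:
                return False               # relation violated: not psi_3
        else:
            seen[s] = (left, t)
    return collided

def run_demo(seed=1991):
    """Run the distinguisher against psi_3, psi_4 and a truly random permutation."""
    rng = random.Random(seed)
    return {"psi_3": collision_distinguisher(make_psi(3, rng)),
            "psi_4": collision_distinguisher(make_psi(4, rng)),
            "random_permutation": collision_distinguisher(make_random_permutation(rng))}

if __name__ == "__main__":
    print(run_demo())
```

With m = 2^n queries the m(m−1)/2^n bound is of order 2^n, so the birthday collisions the test relies on are essentially guaranteed; the fourth round of ψ_4 destroys the relation, which is why this particular test no longer separates ψ_4 from a random permutation.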
References
[1] M. Luby and C. Rackoff, How to construct pseudorandom permutations from pseudorandom functions, SIAM Journal on Computing, 17(2): 373–386, April 1988.
[2] J. Patarin, Pseudorandom permutations based on the DES scheme, Proceedings of EUROCODE '90.
[3] J. Patarin, Étude des générateurs de permutations basés sur le schéma du D.E.S., Thèse. To be published in September 1991, INRIA, Domaine de Voluceau, Le Chesnay, France.
[4] J. Pieprzyk, How to construct pseudorandom permutations from single pseudorandom functions, EUROCRYPT '90, Århus, Denmark, May 1990.
[5] Y. Zheng, T. Matsumoto and H. Imai, Impossibility and optimality results on constructing pseudorandom permutations, Abstracts of EUROCRYPT '89, Houthalen, Belgium, April 1989.
© 1992 Springer-Verlag Berlin Heidelberg
Cite this paper
Patarin, J. (1992). New Results on Pseudorandom Permutation Generators Based on the Des Scheme. In: Feigenbaum, J. (eds) Advances in Cryptology — CRYPTO ’91. CRYPTO 1991. Lecture Notes in Computer Science, vol 576. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46766-1_25
DOI: https://doi.org/10.1007/3-540-46766-1_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-55188-1
Online ISBN: 978-3-540-46766-3