Abstract
Card shuffle algorithms have been studied from a cryptographic point of view with applications to format preserving encryption. In this work, we naturally extend the swap-or-not shuffle, proposed by Hoang, Morris and Rogaway at Crypto 2012, by replacing a perfect matching used in each round by a keyed partition with a certain uniform property. The resulting construction, dubbed the partition-and-mix (or simply \(\textsf{PM}\)) shuffle, is proved to be secure up to \((1-\delta )N\) queries for any \(\delta >0\) and the domain size N, while the number of rounds is significantly reduced compared to the swap-or-not. We give concrete examples of the keyed partitions that provide security as well as allow efficient implementation in practice. Such uniform keyed partitions seem of independent interest. The partition-and-mix shuffle might also be viewed as an alternative block cipher structure that extends the domain of a small block cipher operating on each block of the partition.
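To make the construction in the abstract concrete, the following Python sketch is an added example written for this page; it is not the authors' code and does not implement any of the concrete keyed partitions the paper proposes. It assumes a domain of size N = 2^n, a toy SHA-256-based PRF in place of the round functions, and a simple illustrative keyed partition: the cosets of the subspace spanned by t round keys under XOR (this partition is chosen only for clarity and is not claimed to satisfy the paper's uniform property). With t = 1 the block of x is the pair {x, x XOR k} and the round reduces to an XOR-form swap-or-not round (the original swap-or-not uses K - X mod N and the representative max(X, X') so that it also covers non-power-of-two N). Within each block a keyed permutation chosen by the block's canonical representative is applied, which is the "mix" step; decryption runs the rounds backwards.

```python
import hashlib


def prf(key: bytes, *vals: int) -> int:
    """Toy PRF standing in for the round functions: SHA-256 over the key and
    fixed-width encodings of the integer inputs (demo only, not a proof-grade PRF)."""
    h = hashlib.sha256(key)
    for v in vals:
        h.update(v.to_bytes(8, "big"))
    return int.from_bytes(h.digest(), "big")


def block_of(x: int, ks: list) -> list:
    """Block of x under the illustrative coset partition (an assumption of this
    example): x XOR every subset-XOR of the partition keys ks. With t linearly
    independent keys every block has 2^t elements; with t = 1 it is the
    swap-or-not pair {x, x XOR k}. The list is sorted so that every member of the
    block computes the same canonical ordering and representative blk[0]."""
    elems = {x}
    for k in ks:
        elems |= {e ^ k for e in elems}
    return sorted(elems)


def keyed_perm(f_key: bytes, rep: int, m: int) -> list:
    """Keyed permutation of {0, ..., m-1} selected by the block representative rep
    via a PRF-driven Fisher-Yates shuffle; all members of a block derive the same one."""
    perm = list(range(m))
    for i in range(m - 1, 0, -1):
        j = prf(f_key, rep, i) % (i + 1)
        perm[i], perm[j] = perm[j], perm[i]
    return perm


def pm_round(x: int, ks: list, f_key: bytes, inverse: bool = False) -> int:
    """One partition-and-mix round: find x's block, then apply (or undo) the block's
    keyed permutation. Input and output always lie in the same block."""
    blk = block_of(x, ks)
    perm = keyed_perm(f_key, blk[0], len(blk))
    i = blk.index(x)
    return blk[perm.index(i)] if inverse else blk[perm[i]]


def derive_round_keys(master: bytes, n_bits: int, t: int, rounds: int) -> list:
    """Expand a master key into per-round (partition keys, mix key) pairs.
    Dependent or zero partition keys simply yield smaller blocks."""
    N = 1 << n_bits
    out = []
    for r in range(rounds):
        ks = [prf(master, r, j) % N for j in range(t)]
        f_key = prf(master, r, 0xFFFF).to_bytes(32, "big")
        out.append((ks, f_key))
    return out


def pm_encrypt(x: int, round_keys: list) -> int:
    for ks, f_key in round_keys:
        x = pm_round(x, ks, f_key)
    return x


def pm_decrypt(y: int, round_keys: list) -> int:
    for ks, f_key in reversed(round_keys):
        y = pm_round(y, ks, f_key, inverse=True)
    return y


def is_permutation(round_keys: list, n_bits: int) -> bool:
    """Sanity check: the composed rounds must be a bijection on {0, ..., N-1}."""
    N = 1 << n_bits
    return sorted(pm_encrypt(x, round_keys) for x in range(N)) == list(range(N))


if __name__ == "__main__":
    rk = derive_round_keys(b"constructed demo master key", 8, 3, 8)  # N = 256, blocks of 8
    print("bijection:", is_permutation(rk, 8))
    print("round trip:", all(pm_decrypt(pm_encrypt(x, rk), rk) == x for x in range(256)))
```

Each round touches every element of the domain rather than swapping within pairs, which is the structural reason the abstract can speak of fewer rounds; whether a given keyed partition actually delivers the stated security bound depends on the uniformity property proved in the paper, not on this toy choice of cosets.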


Notes
The coefficient “4” appearing in the original upper bound in [8] should be corrected to “8”.
When we look at the security proof, the permutation family \(\sigma \) does not need to be independent for every distinct key K; it is required to be independent only for every block once a partition is fixed.
References
Beierle C., Jean J., Kölbl S., Leander G., Moradi A., Peyrin T., Sasaki Y., Sasdrich P., Sim S.M.: The SKINNY family of block ciphers and its low-latency variant MANTIS. In: Advances in Cryptology-CRYPTO 2016, pp. 123–153. Springer, Berlin Heidelberg (2016).
Bellare M., Ristenpart T., Rogaway P., Stegers T.: Format-preserving encryption. In: Selected Areas in Cryptography, pp. 295–312. Springer, Berlin Heidelberg (2009).
Bellare M., Rogaway P., Spies T.: The FFX mode of operation for format-preserving encryption. Unpublished NIST proposal (2010).
Brier E., Peyrin T., Stern J.: BPS: a format-preserving encryption proposal. Submission to NIST, available from their website (2010).
Chen S., Steinberger J.: Tight security bounds for key-alternating ciphers. In: Advances in Cryptology-EUROCRYPT 2014, pp. 327–350. Springer, Berlin Heidelberg (2014).
Coron J.S., Dodis Y., Mandal A., Seurin Y.: A domain extender for the ideal cipher. In: Theory of Cryptography, pp. 273–289. Springer, Berlin Heidelberg (2010).
Even S., Mansour Y.: A construction of a cipher from a single pseudorandom permutation. J. Cryptol. 10(3), 151–161 (1997).
Hoang V.T., Morris B., Rogaway P.: An enciphering scheme based on a card shuffle. In: Advances in Cryptology-CRYPTO 2012, pp. 1–13. Springer, Berlin Heidelberg (2012).
Maurer U., Pietrzak K., Renner R.: Indistinguishability amplification. In: Advances in Cryptology-CRYPTO 2007, pp. 130–149. Springer, Berlin Heidelberg (2007).
Morris B., Rogaway P., Stegers T.: How to encipher messages on a small domain. In: Advances in Cryptology-CRYPTO 2009, pp. 286–302. Springer, Berlin Heidelberg (2009).
Morris B., Rogaway P.: Sometimes-Recurse Shuffle. In: Advances in Cryptology-EUROCRYPT 2014, pp. 311–326. Springer, Berlin Heidelberg (2014).
Patarin J.: Luby-Rackoff: \(7\) rounds are enough for \(2n(1-\varepsilon )\) security. In: Advances in Cryptology-CRYPTO 2003, pp. 513–529. Springer, Berlin Heidelberg (2003).
Patarin J.: Security of random Feistel schemes with 5 or more rounds. In: Advances in Cryptology-CRYPTO 2004, pp. 106–122. Springer, Berlin Heidelberg (2004).
Ristenpart T., Yilek S.: The mix-and-cut shuffle: small-domain encryption secure against N queries. In: Advances in Cryptology-CRYPTO 2013, pp. 392–409. Springer, Berlin Heidelberg (2013).
Stefanov E., Shi E.: FastPRP: fast pseudo-random permutations for small domains. IACR Cryptol. ePrint Arch. 2012, 254 (2012).
Thorp E.O.: Nonrandom shuffling with applications to the game of Faro. J. Am. Stat. Assoc. 68(344), 842–847 (1973).
Additional information
Communicated by M. Paterson.
Nam-Su Jho was supported by an Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No. 2021-0-00779, Development of high-speed encryption data processing technology that guarantees privacy based hardware).
Jooyoung Lee was supported by an Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No. 2022-0-01202, Regional strategic industry convergence security core talent training business).
About this article
Cite this article
Jho, NS., Lee, J. Partition and mix: generalizing the swap-or-not shuffle. Des. Codes Cryptogr. 91, 2237–2254 (2023). https://doi.org/10.1007/s10623-023-01199-4