Ciphers Secure against Related-Key Attacks

  • Stefan Lucks
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3017)

Abstract

In a related-key attack, the adversary is allowed to transform the secret key and to request encryptions of plaintexts under the transformed key. This paper studies the security of PRF and PRP constructions against related-key attacks.

For adversaries who can only transform a part of the key, we propose a construction and prove its security, assuming only a conventionally secure block cipher. In terms of concrete security, this is an improvement over a recent result by Bellare and Kohno [2]. Further, based on some technical observations, we present two novel constructions for related-key secure PRFs and prove their security under number-theoretic infeasibility assumptions.
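The related-key experiment the abstract refers to (the RKA-PRF notion of Bellare and Kohno [1,2]) is easy to make concrete. The following Python is an added illustration, not code from the paper: it implements the two-world oracle of that experiment, a key-transformation class that touches only the second half of the key (the "part of the key" setting of the abstract's first result, here simply XOR on the low half; the paper's own construction is not reproduced), and a two-query distinguisher against a constructed toy PRF of the form F_K(x) = H(K xor x). That toy is a reasonable PRF when H is modelled as a random oracle, yet F_{K xor d}(x) = F_K(x xor d) makes it trivially RKA-insecure; HMAC-SHA256 is included only as a comparison target for the same adversary. All keys, inputs and deltas are generated inside the block.

```python
import hashlib
import hmac
import secrets
from typing import Callable, Dict, Tuple

BLOCK = 16  # bytes; toy key length and truncated output length

PRF = Callable[[bytes, bytes], bytes]      # F(key, x)
KeyTransform = Callable[[bytes], bytes]    # phi(K)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Constructed toy PRF: F_K(x) = SHA-256(K xor x)[:16]. Because the key enters only
# through K xor x, we have F_{K xor d}(x) = F_K(x xor d) for every d.
def xor_then_hash(key: bytes, x: bytes) -> bytes:
    return hashlib.sha256(xor_bytes(key, x)).digest()[:BLOCK]


# Comparison PRF (assumption: chosen for contrast only): truncated HMAC-SHA256.
def hmac_prf(key: bytes, x: bytes) -> bytes:
    return hmac.new(key, x, hashlib.sha256).digest()[:BLOCK]


def identity(key: bytes) -> bytes:
    return key


def partial_xor(delta_tail: bytes) -> KeyTransform:
    """phi: K = K1 || K2 -> K1 || (K2 xor delta_tail). Only the second half of the
    key can be transformed; the first half is out of the adversary's reach."""
    assert len(delta_tail) == BLOCK // 2

    def phi(key: bytes) -> bytes:
        return key[: BLOCK // 2] + xor_bytes(key[BLOCK // 2:], delta_tail)

    return phi


class RKAOracle:
    """Related-key experiment: the adversary submits (phi, x) and receives
    F(phi(K), x) in the real world, or G(phi(K), x) for a lazily sampled random
    function G in the ideal world. Note that the ideal world also applies phi,
    so two transforms colliding on K give equal answers in both worlds."""

    def __init__(self, prf: PRF, real: bool):
        self.prf = prf
        self.real = real
        self.key = secrets.token_bytes(BLOCK)
        self.table: Dict[Tuple[bytes, bytes], bytes] = {}
        self.queries = 0

    def query(self, phi: KeyTransform, x: bytes) -> bytes:
        self.queries += 1
        related_key = phi(self.key)
        if self.real:
            return self.prf(related_key, x)
        return self.table.setdefault((related_key, x), secrets.token_bytes(BLOCK))


def xor_slide_adversary(oracle: RKAOracle) -> bool:
    """Two-query distinguisher using F_{K xor d}(x) = F_K(x xor d), with d
    restricted to the second half of the key. Returns True for 'real'."""
    d_tail = secrets.token_bytes(BLOCK // 2)
    while not any(d_tail):          # d = 0 would make phi the identity
        d_tail = secrets.token_bytes(BLOCK // 2)
    d_full = bytes(BLOCK // 2) + d_tail
    x = secrets.token_bytes(BLOCK)
    y0 = oracle.query(identity, x)
    y1 = oracle.query(partial_xor(d_tail), xor_bytes(x, d_full))
    return y0 == y1


def rka_advantage(prf: PRF, adversary: Callable[[RKAOracle], bool],
                  trials: int = 64) -> float:
    """Estimate |Pr[A -> 1 | real] - Pr[A -> 1 | ideal]| over repeated runs."""
    real_hits = sum(adversary(RKAOracle(prf, real=True)) for _ in range(trials))
    ideal_hits = sum(adversary(RKAOracle(prf, real=False)) for _ in range(trials))
    return abs(real_hits - ideal_hits) / trials


if __name__ == "__main__":
    print("xor_then_hash:", rka_advantage(xor_then_hash, xor_slide_adversary))
    print("hmac_prf:     ", rka_advantage(hmac_prf, xor_slide_adversary))
```

Against `xor_then_hash` the adversary's advantage is 1 with two queries, even though it never touches the first half of the key; this is why restricting the adversary to part of the key does not by itself rescue a construction. The advantage 0 measured against `hmac_prf` says only that this particular adversary fails; it is not evidence of RKA security, which is exactly the kind of statement that needs a proof of the form the abstract describes.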

Keywords

related-key attacks; provable security; pseudorandom functions; block ciphers; concrete security

References

  1. Bellare, M., Kohno, T.: A theoretical treatment of related-key attacks: RKA-PRPs, RKA-PRFs, and applications. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 491–506. Springer, Heidelberg (2003)
  2. Bellare, M., Kohno, T.: A theoretical treatment of related-key attacks: RKA-PRPs, RKA-PRFs, and applications. Full version of [1], March 18. http://www.cs.ucsd.edu/users/tkohno/papers/RKA/ (URL checked: January 14, 2003)
  3. Biham, E.: New types of cryptanalytic attacks using related keys. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 398–409. Springer, Heidelberg (1993)
  4. Daemen, J., Rijmen, V.: AES proposal: Rijndael
  5. Daemen, J., Rijmen, V.: The design of Rijndael. Springer, Heidelberg (2002)
  6. Dworkin, M.: DRAFT Recommendation for block cipher modes of operation: the RMAC authentication mode. NIST Special Publication 800-38B, October 18 (2002)
  7. Ferguson, N., Kelsey, J., Lucks, S., Schneier, B., Stay, M., Wagner, D., Whiting, D.: Improved cryptanalysis of Rijndael. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 213–230. Springer, Heidelberg (2000)
  8. Jaulmes, E., Joux, A., Valette, F.: On the security of randomized CBC-MAC beyond the birthday paradox limit: A new construction. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, p. 237. Springer, Heidelberg (2002)
  9. Kelsey, J., Schneier, B., Wagner, D.: Key-schedule cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 237–251. Springer, Heidelberg (1996)
  10. Kelsey, J., Schneier, B., Wagner, D.: Related-key cryptanalysis of 3-Way, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA. In: Han, Y., Qing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 233–246. Springer, Heidelberg (1997)
  11. Knudsen, L.: Cryptanalysis of LOKI91. In: Zheng, Y., Seberry, J. (eds.) AUSCRYPT 1992. LNCS, vol. 718, pp. 196–208. Springer, Heidelberg (1992)
  12. Knudsen, L., Kohno, T.: Analysis of RMAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 182–191. Springer, Heidelberg (2003)
  13. Liskov, M., Rivest, R., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31–46. Springer, Heidelberg (2002)
  14. Naor, M., Reingold, O.: On the construction of pseudo-random permutations: Luby-Rackoff revisited. J. of Cryptology 12, 29–66 (1999)
  15. Pointcheval, D.: New public key cryptosystems based on the dependent-RSA problems. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 239–254. Springer, Heidelberg (1999)

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Stefan Lucks, University of Mannheim, Germany