Expanding Weak PRF with Small Key Size
We propose modes for weakly-secure block ciphers that take a one-block input and produce output of arbitrary length. Damgård and Nielsen proposed such a mode, called the Pseudorandom Tree (PRT) mode, and showed that PRT can be used to establish a communication channel that is secure against chosen-plaintext attacks if the underlying block cipher is secure against known-plaintext attacks. We present a mode that reduces the key size of PRT to about 60% without any additional computation. We call this the Extended PRT (ERT) mode and prove its security. One drawback of PRT and ERT is that their key sizes do not become much smaller under small expansion, which matters because functions with small expansion are important from a practical point of view. We also present a mode that greatly reduces the key size under small expansion.
Keywords: Composition Operator, Expansion Rate, Block Cipher, Small Expansion, Pseudorandom Function