The Indistinguishability of the XOR of \(k\) Permutations

  • Benoit Cogliati
  • Rodolphe Lampe
  • Jacques Patarin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8540)


Given \(k\) independent pseudorandom permutations \(f_1,\ldots ,f_k\) over \(\{0,1\}^n\), it is natural to define a pseudorandom function by XORing the permutations: \(f_1\oplus \ldots \oplus f_k\). In [9] Stefan Lucks studied the security of this PRF. In this paper we improve the security bounds of [9] by using different proof techniques.


Keywords: Pseudorandom functions, Pseudorandom permutations, Security beyond the birthday bound, Luby-Rackoff backwards


  1. Aiello, W., Venkatesan, R.: Foiling birthday attacks in length-doubling transformations. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 307–320. Springer, Heidelberg (1996)
  2. Bellare, M., Impagliazzo, R.: A Tool for Obtaining Tighter Security Analyses of Pseudorandom Function Based Constructions, with Applications to PRP to PRF Conversion. ePrint Archive 1999/024: Listing for 1999 (1999)
  3. Bellare, M., Krovetz, T., Rogaway, P.: Luby-Rackoff backwards: increasing security by making block ciphers non-invertible. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 266–280. Springer, Heidelberg (1998)
  4. Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. J. ACM 33(4), 792–807 (1986)
  5. Hall, C., Wagner, D., Kelsey, J., Schneier, B.: Building PRFs from PRPs. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, p. 370. Springer, Heidelberg (1998)
  6. Levin, L.: One way functions and pseudorandom generators. Combinatorica 7(4), 357–363 (1987)
  7. Luby, M., Rackoff, C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM J. Comput. 17(2), 373–386 (1988)
  8. Lucks, S.: Faster Luby-Rackoff ciphers. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 189–203. Springer, Heidelberg (1996)
  9. Lucks, S.: The sum of PRPs is a secure PRF. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 470–484. Springer, Heidelberg (2000)
  10. Mandal, A., Patarin, J., Nachef, V.: Indifferentiability beyond the birthday bound for the XOR of two public random permutations. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 69–81. Springer, Heidelberg (2010)
  11. Naor, M., Reingold, O.: On the construction of pseudo-random permutations: Luby-Rackoff revisited. J. Cryptol. 12(1), 29–66 (1999)
  12. Patarin, J.: A proof of security in \(O(2^n)\) for the XOR of two random permutations. In: Safavi-Naini, R. (ed.) ICITS 2008. LNCS, vol. 5155, pp. 232–248. Springer, Heidelberg (2008)
  13. Patarin, J.: Generic Attacks for the XOR of \(k\) Random Permutations. Available on eprint (2008)
  14. Patarin, J.: The “coefficients H” technique. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 328–345. Springer, Heidelberg (2009)
  15. Patarin, J.: Security in \(O(2^n)\) for the XOR of Two Random Permutations - Proof with the standard \(H\) technique - Available on eprint (2013)

Copyright information

© International Association for Cryptologic Research 2015

Authors and Affiliations

  • Benoit Cogliati (1)
  • Rodolphe Lampe (1)
  • Jacques Patarin (1)
  1. University of Versailles, Paris, France
