Building PRFs from PRPs

  • Chris Hall
  • David Wagner
  • John Kelsey
  • Bruce Schneier
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1462)

Abstract

We evaluate constructions for building pseudo-random functions (PRFs) from pseudo-random permutations (PRPs). We present two constructions: a slower construction which preserves the security of the PRP and a faster construction which has less security. One application of our construction is to build a wider block cipher given a block cipher as a building tool. We do not require any additional constructions—e.g. pseudo-random generators—to create the wider block cipher. The security of the resulting cipher will be as strong as the original block cipher.

Keywords

pseudo-random permutations; pseudo-random functions; concrete security; block ciphers; cipher feedback mode

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Chris Hall (1)
  • David Wagner (2)
  • John Kelsey (1)
  • Bruce Schneier (1)

  1. Counterpane Systems, USA
  2. U.C. Berkeley, USA
