Encyclopedia of Cryptography and Security

2011 Edition
| Editors: Henk C. A. van Tilborg, Sushil Jajodia

Luby-Rackoff Ciphers

  • Lars R Knudsen
Reference work entry
DOI: https://doi.org/10.1007/978-1-4419-5906-5_590

Related Concepts

Pseudorandom Permutation; Secret Key Encryption;  Symmetric Cryptography

Definition

A Luby-Rackoff cipher is a Feistel cipher where in each round the nonlinear function used is assumed to be chosen uniformly at random from the set of all such functions. These ciphers are mainly of theoretical interest.

Background

In their celebrated paper [ 2] Luby and Rackoff showed how to construct 2 n-bit Pseudorandom Permutations from n-bit random functions. The constructions use three and four rounds in Feistel networks with randomly chosen functions in the round functions. Let L and R be the left, respectively, the right n-bit halves of a 2 n-bit input. Then one round of a Feistel network is defined as follows:
$$F(L,R) = (R,L \oplus f(R)),$$
This is a preview of subscription content, log in to check access.

Recommended Reading

  1. 1.
    Coppersmith D (1996) Luby-Rackoff: four rounds is not enough. Technical report RC 20674. IBM, Yorktown HeightsGoogle Scholar
  2. 2.
    Luby M, Rackoff C (1998) How to construct pseudorandom permutations from pseudorandom functions. SIAM J Comput 17(2):373–386MathSciNetCrossRefGoogle Scholar
  3. 3.
    Naor M, Reingold O (1999) On the construction of pseudorandom permutations: Luby–Rackoff revisited. J Cryptol 12(1):29–66zbMATHMathSciNetCrossRefGoogle Scholar
  4. 4.
    Patarin J (1992) New results on pseudorandom permutations generators based on the DES scheme. In: Feigenbaum J (ed) Advances in cryptology – CRYPTO ’91: proceedings. Lecture notes in computer science, vol 576. Springer, Berlin, pp 301–312Google Scholar
  5. 5.
    Patarin J (1993) How to construct pseudorandom and super pseudorandom permutations from one single pseudorandom function. In: Rueppel RA (ed) Advances in cryptology – EUROCRYPT ’92: proceedings, Balatonfüred, 24–28 May 1992. Lecture notes in computer science, vol 658. Springer, Berlin, pp 256–266Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2011

Authors and Affiliations

  • Lars R Knudsen
    • 1
  1. 1.Department of MathematicsTechnical University of DenmarkLyngbyDenmark