Security of the Misty Structure Using Involutions as Round Functions
@article{Lee2010SecurityOT, title={Security of the Misty Structure Using Involutions as Round Functions}, author={Jooyoung Lee and Bonwook Koo}, journal={IEICE Trans. Fundam. Electron. Commun. Comput. Sci.}, year={2010}, volume={93-A}, pages={1612-1619}, url={https://api.semanticscholar.org/CorpusID:37254076} }
The results generalize the results of [10], giving the first construction of a (strong) pseudorandom permutation based on random involutions (without any restriction on the number of fixed points), and suggest a new criterion for the design of block ciphers in an involutional Misty structure: that each round function should have a constant number of fixed points.
3 Citations
On Constructing Pseudorandom Involutions: Feistel variants using a single round function
- 2024
Computer Science, Mathematics
This paper reconsiders constructing pseudorandom involutions and demonstrates the 4-round Feistel network using the same random function (Feistel-SF) in every round is a pseudorandom involution, and shows insecurity of 3-round Feistel-SF by exhibiting an attack.
Key alternating ciphers based on involutions
- 2017
Computer Science, Mathematics
It is proved that the Even–Mansour cipher based on a random involution is as secure as the permutation-based one when the number of construction queries is limited by the birthday bound.
Security of the Misty Structure Beyond the Birthday Bound
- 2013
Computer Science, Mathematics
It is shown that an r-round Misty structure is secure against CCA attacks up to $O(2^{rn/(r+7)})$ query complexity, where n is the size of each round permutation.
10 References
Security of the MISTY Structure in the Luby-Rackoff Model: Improved Results
- 2004
Computer Science, Mathematics
This paper considers the security of the Misty structure in the Luby-Rackoff model, if the inner functions are replaced by involutions without fixed point, and shows that the success probability in distinguishing a 4-round L-scheme from a random function is $O(m^2/2^n)$ when the adversary is allowed to make adaptively chosen encryption queries.
Round Security and Super-Pseudorandomness of MISTY Type Structure
- 2001
Computer Science, Mathematics
This paper proves that the five round MISTY type structure is super-pseudorandom, and characterizes its round security.
Non-cryptographic primitive for pseudorandom permutation
- 2003
Computer Science
On Non-Pseudorandomness from Block Ciphers with Provable Immunity Against Linear Cryptanalysis (Special Section on Cryptography and Information Security)
- 1997
Computer Science
Results clearly indicate that provable immunity against linear and differential cryptanalysis is not adequate for designing a secure block cipher, and the security of the MISTY cipher will remain open until a close examination of its resistance is conducted against other cryptanalytic attacks than the linear or differential attack.
New Block Encryption Algorithm MISTY
- 1997
Computer Science
The software implementation of MISTY1 with eight rounds can encrypt a data stream in CBC mode at a speed of 20Mbps and 40Mbps on Pentium/100MHz and PA-7200/120MHz, respectively.
Code-Based Game-Playing Proofs and the Security of Triple Encryption
- 2004
Computer Science, Mathematics
This work illustrates this by using games as the central tool for proving security of three-key triple encryption, a long-standing open problem, and demonstrates that for DES parameters (56-bit keys and 64-bit plaintexts) an adversary’s maximal advantage is small until it asks about 2 queries.
The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs
- 2006
Computer Science, Mathematics
It is demonstrated that for DES parameters (56-bit keys and 64-bit plaintexts) an adversary's maximal advantage against triple encryption is small until it asks about $2^{78}$ queries.
ICEBERG : An Involutional Cipher Efficient for Block Encryption in Reconfigurable Hardware
- 2004
Computer Science, Engineering
The resulting design offers better hardware efficiency than other recent 128-key-bit block ciphers, and resistance against side-channel cryptanalysis was also considered as a design criterion for ICEBERG.
The KHAZAD Legacy-Level Block Cipher
- 2001
Computer Science
Khazad is a 64-bit (legacy-level) block cipher that accepts a 128-bit key. The cipher is a uniform substitution-permutation network whose inverse only differs from the forward operation in the key…
On Recursions Connected With Symmetric Groups I
- 1951
Mathematics
Although the title of the paper suggests that the nature of the problem considered is group theoretic, our methods are almost completely combinatorial and number theoretic in nature, the group theory…