Sciweavers

ASIACRYPT
2000
Springer

On the Pseudorandomness of Top-Level Schemes of Block Ciphers

Block ciphers are usually based on one top-level scheme into which we plug “round functions”. To analyze security, it is important to study the intrinsic security provided by the top-level scheme from the viewpoint of randomness: given a block cipher in which we replaced the lower-level schemes by idealized oracles, we measure the security (in terms of best advantage for a distinguisher) depending on the number of rounds and the number of chosen plaintexts. We then extrapolate a sufficient number of secure rounds given the regular bounds provided by decorrelation theory. This approach allows the comparison of several generalizations of the Feistel schemes and others. In particular, we compare the randomness provided by the schemes used by the AES candidates. In addition we provide a general paradigm for analyzing the security provided by the interaction between the different levels of the block cipher structure.
Shiho Moriai, Serge Vaudenay
Added 02 Aug 2010
Updated 02 Aug 2010
Type Conference
Year 2000
Where ASIACRYPT
Authors Shiho Moriai, Serge Vaudenay