We describe a security-preserving construction of a random permutation of domain size N from a random function, the construction tolerating adversaries asking all N plaintexts, yet employing just calls, on average, to the one-bit-output random function. The approach is based on card shuffling. The basic idea is to use the sometimes-recursetransformation: lightly shuffle the deck (with some other shuffle), cut the deck, and then recursively shuffle one of the two halves. Our work builds on a recent paper of Ristenpart and Yilek. © 2014 International Association for Cryptologic Research.
CITATION STYLE
Morris, B., & Rogaway, P. (2014). Sometimes-recurse shuffle: Almost-random permutations in logarithmic expected time. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8441 LNCS, pp. 311–326). Springer Verlag. https://doi.org/10.1007/978-3-642-55220-5_18
Mendeley helps you to discover research relevant for your work.