Skip to main content
Conference ProceedingsOPEN ACCESS

A domain extender for the ideal cipher

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2010) 5978 LNCS 273-289
DOI: 10.1007/978-3-642-11799-2_17
37Citations
Citations of this article
35Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We describe the first domain extender for ideal ciphers, i.e. we show a construction that is indifferentiable from a 2n-bit ideal cipher, given a n-bit ideal cipher. Our construction is based on a 3-round Feistel, and is more efficient than first building a n-bit random oracle from a n-bit ideal cipher (as in [9]) and then a 2n-bit ideal cipher from a n-bit random oracle (as in [10], using a 6-round Feistel). We also show that 2 rounds are not enough for indifferentiability by exhibiting a simple attack. We also consider our construction in the standard model: we show that 2 rounds are enough to get a 2n-bit tweakable block-cipher from a n-bit tweakable block-cipher and we show that with 3 rounds we can get beyond the birthday security bound. © 2010 Springer.

Author supplied keywords

Cite

CITATION STYLE

APA

Coron, J. S., Dodis, Y., Mandal, A., & Seurin, Y. (2010). A domain extender for the ideal cipher. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5978 LNCS, pp. 273–289). https://doi.org/10.1007/978-3-642-11799-2_17

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free