Abstract
Given (deterministic) ciphers ε and E that can encipher messages of l and n bits, respectively, we construct a cipher ε* = XLS[ε, E] that can encipher messages of l + s bits for any s < n. Enciphering such a string will take one call to ε and two calls to E. We prove that ε* is a strong pseudorandom permutation as long as ε and E are. Our construction works even in the tweakable and VIL (variable-input-length) settings. It makes use of a multipermutation (a pair of orthogonal Latin squares), a combinatorial object not previously used to get a provable-security result. © International Association for Cryptologic Research 2007.
Author supplied keywords
Cite
CITATION STYLE
Ristenpart, T., & Rogaway, P. (2007). How to enrich the message space of a cipher. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4593 LNCS, pp. 101–118). Springer Verlag. https://doi.org/10.1007/978-3-540-74619-5_7
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
