Generic attacks on feistel schemes

40Citations
Citations of this article
49Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Let A be a Feistel scheme with 5 rounds from 2n bits to 2n bits. In the present paper we show that for most such schemes A: 1. It is possible to distinguish A from a random permutation from 2n bits to 2n bits after doing at most O(2 (formula presented) computations with O(2 (formula presented) random plaintext/ciphertext pairs. 2. It is possible to distinguish A from a random permutation from 2n bits to 2n bits after doing at most O(2 (formula presented) computations with O(2 (formula presented) chosen plaintexts. Since the complexities are smaller than the number 22n of possible inputs, they show that some generic attacks always exist on Feistel schemes with 5 rounds. Therefore we recommend in Cryptography to use Feistel schemes with at least 6 rounds in the design of pseudo-random permutations. We will also show in this paper that it is possible to distinguish most of 6 round Feistel permutations generator from a truly random permutation generator by using a few (i.e. O(1)) permutations of the generator and by using a total number of O(22n) queries and a total of O(22n) computations. This result is not really useful to attack a single 6 round Feistel permutation, but it shows that when we have to generate several pseudorandom permutations on a small number of bits we recommend to use more than 6 rounds. We also show that it is also possible to extend these results to any number of rounds, however with an even larger complexity.

Cite

CITATION STYLE

APA

Patarin, J. (2001). Generic attacks on feistel schemes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2248, pp. 222–238). Springer Verlag. https://doi.org/10.1007/3-540-45682-1_14

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free