We will present two new and simple theorems that show that when we compose permutation generators with independent keys, then the “quality” of CCA security increases. These theorems (Theorems 2 and 5 of this paper) are written in terms of H-coefficients (which are nothing else, upto some normalization factors, than transition probabilities). Then we will use these theorems on the classical analysis of Random Feistel Schemes (i.e. Luby-Rackoff constructions) and we will compare the results with the coupling technique. Finally, we will show an interesting difference between 5 and 6 Random Feistel Schemes. With 5 rounds on 2n bits → 2 n bits, when the number of q queries satisfies √2n≪q≪2nwe have some “holes” in the H-coefficient values, i.e. some H values are much smaller than the average value of H. This property for 5 rounds does not exist any more on 6 rounds.
CITATION STYLE
Patarin, J. (2018). Two simple composition theorems with H-coefficients. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10831 LNCS, pp. 72–86). Springer Verlag. https://doi.org/10.1007/978-3-319-89339-6_5
Mendeley helps you to discover research relevant for your work.