Paper 2009/266

Pseudorandomness Analysis of the Lai-Massey Scheme

Yiyuan Luo, Xuejia Lai, Zheng Gong, and Zhongming Wu

Abstract

At Asiacrypt’99, Vaudenay modified the structure in the IDEA cipher to a new scheme, which they called as the Lai-Massey scheme. It is proved that 3-round Lai-Massey scheme is sufficient for pseudorandomness and 4-round Lai-Massey scheme is sufficient for strong pseudorandomness. But the author didn’t point out whether three rounds and four rounds are necessary for the pseudorandomness and strong pseudorandomness of the Lai-Massey Scheme. In this paper we find a two round pseudorandomness distinguisher and a three-round strong pseudorandomness distinguisher, thus prove that three rounds is necessary for the pseudorandomness and four rounds is necessary for the strong pseudorandomness.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
PsuedorandomnessLai-Massey
Contact author(s)
luoyiyuan @ sjtu edu cn
History
2009-06-09: received
Short URL
https://ia.cr/2009/266
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2009/266,
      author = {Yiyuan Luo and Xuejia Lai and Zheng Gong and Zhongming Wu},
      title = {Pseudorandomness Analysis of the Lai-Massey Scheme},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/266},
      year = {2009},
      url = {https://eprint.iacr.org/2009/266}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.