eprint.iacr.org will be offline for approximately an hour for routine maintenance at 11pm UTC on Tuesday, April 16. We lost some data between April 12 and April 14, and some authors have been notified that they need to resubmit their papers.
You are looking at a specific version 20120324:064137 of this paper. See the latest version.

Paper 2012/158

Efficient and Optimally Secure Key-Length Extension for Block Ciphers via Randomized Cascading

Peter Gazi and Stefano Tessaro

Abstract

We consider the question of efficiently extending the key length of block ciphers. To date, the approach providing highest security is triple encryption (used e.g. in Triple-DES), which was proved to have roughly k + min{n/2, k/2} bits of security when instantiated with ideal block ciphers with key length k and block length n, at the cost of three block-cipher calls per message block. This paper presents a new practical key-length extension scheme exhibiting k + n/2 bits of security – hence improving upon the security of triple encryption – solely at the cost of two block cipher calls and a key of length k + n. We also provide matching generic attacks showing the optimality of the security level achieved by our approach with respect to a general class of two-query constructions.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. A preliminary version of this paper appears in the proceedings of EUROCRYPT 2012. This is the full version.
Keywords
Block ciphersCascade encryptionProvable security.
Contact author(s)
peter gazi @ inf ethz ch
History
2012-03-24: revised
2012-03-23: received
See all versions
Short URL
https://ia.cr/2012/158
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.