Cryptology ePrint Archive: Report 2014/093
The Related-Key Analysis of Feistel Constructions
Manuel Barbosa and Pooya Farshim
Abstract: It is well known that the classical three- and four-round Feistel constructions are provably secure under chosen-plaintext and chosen-ciphertext attacks, respectively. However, irrespective of the number of rounds, no Feistel construction can resist related-key attacks where the keys can be offset by a constant. In this paper we show that, under suitable reuse of round keys, security under related-key attacks can be provably attained. Our modification is substantially simpler and more efficient than alternatives obtained using generic transforms, namely the PRG transform of Bellare and Cash (CRYPTO 2010) and its random-oracle analogue outlined by Lucks (FSE 2004).
Additionally we formalize Luck's transform and show that it does not always work if related keys are derived in an oracle-dependent way, and then prove it sound under appropriate restrictions.
Category / Keywords: secret-key cryptography / Feistel construction, Luby--Rackoff, Related-key attack, Pseudorandom permutation, Random oracle.
Original Publication (with minor differences): IACR-FSE-2014
Date: received 9 Feb 2014, last revised 23 Feb 2014
Contact author: mbb at di uminho pt
Available format(s): PDF | BibTeX Citation
Note: This is the full version of the FSE 2014 paper with the same title.
Version: 20140223:093942 (All versions of this report)
Short URL: ia.cr/2014/093
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]