Paper 2014/093

The Related-Key Analysis of Feistel Constructions

Manuel Barbosa and Pooya Farshim

Abstract

It is well known that the classical three- and four-round Feistel constructions are provably secure under chosen-plaintext and chosen-ciphertext attacks, respectively. However, irrespective of the number of rounds, no Feistel construction can resist related-key attacks where the keys can be offset by a constant. In this paper we show that, under suitable reuse of round keys, security under related-key attacks can be provably attained. Our modification is substantially simpler and more efficient than alternatives obtained using generic transforms, namely the PRG transform of Bellare and Cash (CRYPTO 2010) and its random-oracle analogue outlined by Lucks (FSE 2004). Additionally we formalize Luck's transform and show that it does not always work if related keys are derived in an oracle-dependent way, and then prove it sound under appropriate restrictions.

Note: This is the full version of the FSE 2014 paper with the same title.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in FSE 2014
Keywords
Feistel constructionLuby--RackoffRelated-key attackPseudorandom permutationRandom oracle.
Contact author(s)
mbb @ di uminho pt
History
2014-02-23: revised
2014-02-10: received
See all versions
Short URL
https://ia.cr/2014/093
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/093,
      author = {Manuel Barbosa and Pooya Farshim},
      title = {The Related-Key Analysis of Feistel Constructions},
      howpublished = {Cryptology ePrint Archive, Paper 2014/093},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/093}},
      url = {https://eprint.iacr.org/2014/093}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.