Cryptology ePrint Archive: Report 2014/093

The Related-Key Analysis of Feistel Constructions

Manuel Barbosa and Pooya Farshim

Abstract: It is well known that the classical three- and four-round Feistel constructions are provably secure under chosen-plaintext and chosen-ciphertext attacks, respectively. However, irrespective of the number of rounds, no Feistel construction can resist related-key attacks where the keys can be offset by a constant. In this paper we show that, under suitable reuse of round keys, security under related-key attacks can be provably attained. Our modification is substantially simpler and more efficient than alternatives obtained using generic transforms, namely the PRG transform of Bellare and Cash (CRYPTO 2010) and its random-oracle analogue outlined by Lucks (FSE 2004). Additionally we formalize Luck's transform and show that it does not always work if related keys are derived in an oracle-dependent way, and then prove it sound under appropriate restrictions.

Category / Keywords: secret-key cryptography / Feistel construction, Luby--Rackoff, Related-key attack, Pseudorandom permutation, Random oracle.

Original Publication (with minor differences): IACR-FSE-2014

Date: received 9 Feb 2014, last revised 23 Feb 2014

Contact author: mbb at di uminho pt

Available format(s): PDF | BibTeX Citation

Note: This is the full version of the FSE 2014 paper with the same title.

Version: 20140223:093942 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]