Paper 2004/331

Code-Based Game-Playing Proofs and the Security of Triple Encryption

Mihir Bellare and Phillip Rogaway


The game-playing technique is a powerful tool for analyzing cryptographic constructions. We illustrate this by using games as the central tool for proving security of three-key triple-encryption, a long-standing open problem. Our result, which is in the ideal-cipher model, demonstrates that for DES parameters (56-bit keys and 64-bit plaintexts) an adversary's maximal advantage is small until it asks about $2^{78}$ queries. Beyond this application, we develop the foundations for game playing, formalizing a general framework for game-playing proofs and discussing techniques used within such proofs. To further exercise the game-playing framework we show how to use games to get simple proofs for the PRP/PRF Switching Lemma, the security of the basic CBC~MAC, and the chosen-plaintext-attack security of OAEP.

Note: An earlier version of this paper was entitled "The Game-Playing Technique." The current version is substantially different.

Available format(s)
Publication info
Published elsewhere. Unknown where it was published
Cryptographic analysis techniques
Contact author(s)
mihir @ cs ucsd edu
2008-11-29: last of 16 revisions
2004-11-30: received
See all versions
Short URL
Creative Commons Attribution


      author = {Mihir Bellare and Phillip Rogaway},
      title = {Code-Based Game-Playing Proofs and the Security of Triple Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2004/331},
      year = {2004},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.