## Cryptology ePrint Archive: Report 2016/825

Revisiting Cascade Ciphers in Indifferentiability Setting

Chun Guo and Dongdai Lin and Meicheng Liu

Abstract: Shannon defined an ideal $(\kappa,n)$-blockcipher as a secrecy system consisting of $2^{\kappa}$ independent $n$-bit random permutations.

In this paper, we revisit the following question: in the ideal cipher model, can a cascade of several ideal $(\kappa,n)$-blockciphers realize an ideal $(2\kappa,n)$-blockcipher? The motivation goes back to Shannon's theory on product secrecy systems, and similar question was considered by Even and Goldreich (CRYPTO '83) in different settings. We give the first positive answer: for the cascade of independent ideal $(\kappa,n)$-blockciphers with two alternated independent keys, four stages are necessary and sufficient to realize an ideal $(2\kappa,n)$-blockcipher, in the sense of indifferentiability of Maurer et al. (TCC 2004). This shows cascade capable of achieving key-length extension in the settings where keys are \emph{not necessarily secret}.

Category / Keywords: blockcipher, cascade, ideal cipher, indifferentiability.

Date: received 25 Aug 2016, last revised 22 May 2017

Contact author: guochun at iie ac cn

Available format(s): PDF | BibTeX Citation

Short URL: ia.cr/2016/825

[ Cryptology ePrint archive ]