Paper 2018/816
Revisiting Key-alternating Feistel Ciphers for Shorter Keys and Multi-user Security
Chun Guo and Lei Wang
Abstract
Key-Alternating Feistel (KAF) ciphers, a.k.a. Feistel-2 models, refer to Feistel networks with round functions of the form $F_i(k_i\oplus x_i)$, where $k_i$ is the (secret) round-key and $F_i$ is a public random function. This model roughly captures the structures of many famous Feistel ciphers, and the most prominent instance is DES. Existing provable security results on KAF assumed independent round-keys and round functions (ASIACRYPT 2004 & FSE 2014). In this paper, we investigate how to achieve security under simpler and more realistic assumptions: with round-keys derived from a short main-key, and hopefully with identical round functions. For birthday-type security, we consider 4-round KAF, investigate the minimal conditions on the way to derive the four round-keys, and prove that when such adequately derived keys and the same round function are used, the 4-round KAF is secure up to $2^{n/2}$ queries. For beyond-birthday security, we focus on 6-round KAF. We prove that when the adjacent round-keys are independent, and independent round-functions are used, the 6 round KAF is secure up to $2^{2n/3}$ queries. To our knowledge, this is the first beyond-birthday security result for KAF without assuming completely independent round-keys. Our results hold in the multi-user setting as well, constituting the first non-trivial multi-user provable security results on Feistel ciphers. We finally demonstrate applications of our results on designing key-schedules and instantiating keyed sponge constructions.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- A major revision of an IACR publication in ASIACRYPT 2018
- Keywords
- blockcipherprovable securitymulti-user securitykey-alternating cipherFeistel cipherkey-schedule designkeyed sponge
- Contact author(s)
- chun guo sc @ gmail com
- History
- 2018-09-06: received
- Short URL
- https://ia.cr/2018/816
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2018/816, author = {Chun Guo and Lei Wang}, title = {Revisiting Key-alternating Feistel Ciphers for Shorter Keys and Multi-user Security}, howpublished = {Cryptology {ePrint} Archive, Paper 2018/816}, year = {2018}, url = {https://eprint.iacr.org/2018/816} }