Paper 2018/816

Revisiting Key-alternating Feistel Ciphers for Shorter Keys and Multi-user Security

Chun Guo and Lei Wang

Abstract

Key-Alternating Feistel (KAF) ciphers, a.k.a. Feistel-2 models, refer to Feistel networks with round functions of the form $F_i(k_i\oplus x_i)$, where $k_i$ is the (secret) round-key and $F_i$ is a public random function. This model roughly captures the structures of many famous Feistel ciphers, and the most prominent instance is DES. Existing provable security results on KAF assumed independent round-keys and round functions (ASIACRYPT 2004 & FSE 2014). In this paper, we investigate how to achieve security under simpler and more realistic assumptions: with round-keys derived from a short main-key, and hopefully with identical round functions. For birthday-type security, we consider 4-round KAF, investigate the minimal conditions on the way to derive the four round-keys, and prove that when such adequately derived keys and the same round function are used, the 4-round KAF is secure up to $2^{n/2}$ queries. For beyond-birthday security, we focus on 6-round KAF. We prove that when the adjacent round-keys are independent, and independent round-functions are used, the 6-round KAF is secure up to $2^{2n/3}$ queries. To our knowledge, this is the first beyond-birthday security result for KAF without assuming completely independent round-keys. Our results hold in the multi-user setting as well, constituting the first non-trivial multi-user provable security results on Feistel ciphers. We finally demonstrate applications of our results on designing key-schedules and instantiating keyed sponge constructions.
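The KAF round structure defined in the abstract, as an added sketch that is not code from the paper or its authors: each round maps $(L, R)$ to $(R, L \oplus F_i(k_i \oplus R))$, and decryption works even though $F_i$ is not invertible. Assumptions: truncated SHA-256 stands in for the public random function, $n = 64$ bits, and round keys are supplied directly (the paper's conditions on deriving them are not given on this page).

```python
import hashlib

N_BYTES = 8  # branch width n = 64 bits (assumed for illustration)

def public_f(i: int, x: bytes) -> bytes:
    """Public, unkeyed round function F_i; SHA-256 is a stand-in for a random function."""
    return hashlib.sha256(bytes([i]) + x).digest()[:N_BYTES]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(a, b))

def kaf_encrypt(round_keys, block: bytes, same_f: bool = False) -> bytes:
    """One KAF round: (L, R) -> (R, L xor F_i(k_i xor R)). The key only enters via xor."""
    left, right = block[:N_BYTES], block[N_BYTES:]
    for i, k in enumerate(round_keys):
        idx = 0 if same_f else i  # same_f=True reuses one round function in every round
        left, right = right, xor(left, public_f(idx, xor(k, right)))
    return left + right

def kaf_decrypt(round_keys, block: bytes, same_f: bool = False) -> bytes:
    """Undo the rounds in reverse order; F_i is only ever evaluated forwards."""
    left, right = block[:N_BYTES], block[N_BYTES:]
    for i in range(len(round_keys) - 1, -1, -1):
        idx = 0 if same_f else i
        left, right = xor(right, public_f(idx, xor(round_keys[i], left))), left
    return left + right

# Constructed sample round keys for the demo only; this is NOT a key schedule
# from the paper and says nothing about which derivations are secure.
SAMPLE_KEYS = [hashlib.sha256(b"constructed-key-%d" % i).digest()[:N_BYTES]
               for i in range(6)]
SAMPLE_BLOCK = bytes(range(2 * N_BYTES))  # constructed 2n-bit plaintext

if __name__ == "__main__":
    # 4 rounds with an identical round function, 6 rounds with independent ones,
    # mirroring the two shapes the abstract discusses (structure only).
    c4 = kaf_encrypt(SAMPLE_KEYS[:4], SAMPLE_BLOCK, same_f=True)
    c6 = kaf_encrypt(SAMPLE_KEYS, SAMPLE_BLOCK)
    print(c4.hex(), kaf_decrypt(SAMPLE_KEYS[:4], c4, same_f=True) == SAMPLE_BLOCK)
    print(c6.hex(), kaf_decrypt(SAMPLE_KEYS, c6) == SAMPLE_BLOCK)
```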

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A major revision of an IACR publication in ASIACRYPT 2018
Keywords
blockcipher, provable security, multi-user security, key-alternating cipher, Feistel cipher, key-schedule design, keyed sponge
Contact author(s)
chun guo sc @ gmail com
History
2018-09-06: received
Short URL
https://ia.cr/2018/816
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/816,
      author = {Chun Guo and Lei Wang},
      title = {Revisiting Key-alternating Feistel Ciphers for Shorter Keys and Multi-user Security},
      howpublished = {Cryptology ePrint Archive, Paper 2018/816},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/816}},
      url = {https://eprint.iacr.org/2018/816}
}