Welcome to the resource topic for 2009/287
Title:
Generic Attacks on Alternating Unbalanced Feistel Schemes
Authors: Valerie Nachef
Abstract:\begin{abstract} Generic attacks against classical (balanced) Feistel schemes, unbalanced Feistel schemes with contracting functions and unbalanced Feistel schemes with expanding functions have been studied in \cite {P01}, \cite{Jut}, \cite{PNB06}, \cite{PNB07}. In this paper we study schemes where we use alternatively contracting random functions and expanding random functions. We name these schemes Alternating Unbalanced Feistel Schemes''. They allow constructing pseudo-random permutations from $kn$ bits to $kn$ bits where $k \geq 3$. At each round, we use either a random function from $n$ bits to $(k-1)n$ bits or a random function from $(k-1)n$ bits to $n$ bits. We describe the best generic attacks we have found. We presentknown plaintext attacks’’ (KPA) and ``non-adaptive chosen plaintext attacks’’ (CPA-1). Let d be the number of rounds. We show that if d \leq k, there are CPA-1 with 2 messages and KPA with m the number of messages about 2^{\frac {(d-1)n}{4}}. For d \geq k+1 we have to distinguish k even and k odd. For k even, we have m=2 in CPA-1 and m \simeq 2^{\frac {kn}{4}} in KPA. When k is odd, we show that there exist CPA-1 for d \leq 2k-1 and KPA for d \leq 2k+3 with less than 2^{kn} messages and computations. Beyond these values, we give KPA against generators of permutations. \end{abstract}
ePrint: https://eprint.iacr.org/2009/287
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .