Welcome to the resource topic for
**2010/301**

**Title:**

On generalized Feistel networks

**Authors:**
Viet Tung Hoang, Phillip Rogaway

**Abstract:**

We prove beyond-birthday-bound security for the well-known types of generalized Feistel networks, including: (1) unbalanced Feistel networks, where the n-bit to m-bit round functions may have n\ne m; (2) alternating Feistel networks, where the round functions alternate between contracting and expanding; (3) type-1, type-2, and type-3 Feistel networks, where n-bit to n-bit round functions are used to encipher kn-bit strings for some k\ge2; and (4) numeric variants of any of the above, where one enciphers numbers in some given range rather than strings of some given size. Using a unified analytic framework we show that, in any of these settings, for any \varepsilon>0, with enough rounds, the subject scheme can tolerate CCA attacks of up to q\sim N^{1-\varepsilon} adversarial queries, where N is the size of the round functionsâ€™ domain (the size of the larger domain for alternating Feistel). This is asymptotically optimal. Prior analyses for generalized Feistel networks established security to only q\sim N^{0.5} adversarial queries.

**ePrint:**
https://eprint.iacr.org/2010/301

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

**Example resources include:**
implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .