Add to ORKGAbstract. Feistel constructions have been shown to be indierentiable from random permutations at STOC 2011. Whereas how to properly mix the keys into an un-keyed Feistel construction without appealing to domain separation technique to obtain a block cipher which is provably secure against known-key and chosen-key attacks (or to obtain an ideal cipher) remains an open problem. We study this, particularly the basic structure of NSA's SIMON family of block ciphers. SIMON family takes a construction which has the subkey xored into a halve of the state at each round. More clearly, at the i-th round, the state is updated according to (xi, xi−1) 7 → (xi−1 ⊕ Fi(xi) ⊕ ki, xi) For such key-alternating Feistel ciphers, we show that 21 rounds are ...
International audienceThis book provides a survey on different kinds of Feistel ciphers, with their ...
This paper considers - for the first time - the concept of key alternating ciphers in a provable sec...
This paper considers - for the first time - the concept of key alternating ciphers in a provable sec...
We revisit the question of constructing an ideal cipher from a random oracle. Coron et al.~(Journal ...
Tweakable block cipher as a cryptographic primitive has found wide applications in disk encryption, ...
The Advanced Encryption Standard (AES) is the most widely used block cipher. The high level structur...
We revisit the question of constructing an ideal cipher from a random oracle. Coron et al. (Journal ...
International audienceWe study the security of key-alternating Feistel ciphers, a class of key-alter...
International audienceWe study the security of key-alternating Feistel ciphers, a class of key-alter...
International audienceWe study the security of key-alternating Feistel ciphers, a class of key-alter...
This paper provides the first provably secure construction of an invertible random permutation (and ...
Key-Alternating Feistel (KAF) ciphers, a.k.a. Feistel-2 models, refer to Feistel networks with round...
Known-key distinguishers for block ciphers were proposed by Knudsen and Rijmen at ASIACRYPT 2007 and...
International audienceThis book provides a survey on different kinds of Feistel ciphers, with their ...
International audienceThis book provides a survey on different kinds of Feistel ciphers, with their ...
International audienceThis book provides a survey on different kinds of Feistel ciphers, with their ...
This paper considers - for the first time - the concept of key alternating ciphers in a provable sec...
This paper considers - for the first time - the concept of key alternating ciphers in a provable sec...
We revisit the question of constructing an ideal cipher from a random oracle. Coron et al.~(Journal ...
Tweakable block cipher as a cryptographic primitive has found wide applications in disk encryption, ...
The Advanced Encryption Standard (AES) is the most widely used block cipher. The high level structur...
We revisit the question of constructing an ideal cipher from a random oracle. Coron et al. (Journal ...
International audienceWe study the security of key-alternating Feistel ciphers, a class of key-alter...
International audienceWe study the security of key-alternating Feistel ciphers, a class of key-alter...
International audienceWe study the security of key-alternating Feistel ciphers, a class of key-alter...
This paper provides the first provably secure construction of an invertible random permutation (and ...
Key-Alternating Feistel (KAF) ciphers, a.k.a. Feistel-2 models, refer to Feistel networks with round...
Known-key distinguishers for block ciphers were proposed by Knudsen and Rijmen at ASIACRYPT 2007 and...
International audienceThis book provides a survey on different kinds of Feistel ciphers, with their ...
International audienceThis book provides a survey on different kinds of Feistel ciphers, with their ...
International audienceThis book provides a survey on different kinds of Feistel ciphers, with their ...
This paper considers - for the first time - the concept of key alternating ciphers in a provable sec...
This paper considers - for the first time - the concept of key alternating ciphers in a provable sec...