• Title/Summary/Keyword: Pseudorandom permutation

Search Result 7, Processing Time 0.02 seconds

Pseudorandom Permutation and Function Families Secure against Related-Key Attacks (연관키 공격에 안전한 의사난수 치환 및 함수 패밀리)

  • Kim, Jong-Sung;Sung, Jae-Chul;Eun, Hi-Chun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.5
    • /
    • pp.3-14
    • /
    • 2007
  • In this paper, we observe that secure tweakable permutation families in the sense of strong pseudorandom permutation (SPRP) can be transformed to secure permutation families in the sense of SPRP against related-key attacks (SPRP-RKA). This fact allows us to construct a secure SPRP-RKA which is the most efficient to date. We also observe that secure function families of a certain form in the sense of a pseudorandom function (PRF) can be transformed to secure permutation families in the sense of PRP-RKA. We can exploit it to get various secure constructions against related-key attacks from known MAC algorithms. Furthermore, we define other security notions for related-key attacks, namely indistinguishability and non-malleability, and look into the relations between the security notions fur related-key attacks. We show that secure tweakable permutation families in the sense of indistinguishability (resp. non-malleability) can be transformed to secure permutation families in the sense of indistinguishability (resp. non-malleability) against related-key attacks.

Provable Security of Key Derivation Functions Based on the Block Ciphers (블록암호 기반 키유도함수의 증명가능 안전성)

  • Kang, Ju-Sung;Yi, Ok-Yeon;Youm, Ji-Sun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.4
    • /
    • pp.3-16
    • /
    • 2010
  • Key derivation functions are used within many cryptographic systems in order to generate various keys from a fixed short key string. In this paper we survey a state-of-the-art in the key derivation functions and wish to examine the soundness of the functions on the view point of provable security. Especially we focus on the key derivation functions using pseudorandom functions which are recommended by NISI recently, and show that the variant of Double-Pipeline Iteration mode using pseudorandom permutations is a pseudorandom function. Block ciphers can be regarded as practical primitives of pseudorandom permutations.

Security of OFB mode and 3GPP f8 encryption mode (OFB 모드와 3GPP f8 암호화 모드의 안전성)

  • 신상욱;홍도원;강주성;이옥연
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.4
    • /
    • pp.55-66
    • /
    • 2001
  • In this paper, we analyze the security of OFB encryption mode which is one of the basic modes of operation for the block cipher and the security of 3GPP f8 encryption mode used to provide the data confidentiality over a radio access link of W-CDMA IMT-2000. We provide the lower bound and the upper bound on security of both modes in random function model and random permutation model, respectively, by means of the left-or-right security notion, and prove the security of both modes using a pseudorandom function and a pseudorandom permutation, respectively.

A Video Watermarking Using 3D DWT and Binary Image Watermark (3차원 웨이블릿 변환과 이진 영상 워터마크를 이용한 비디오 워터마킹)

  • Kim Seung-Jin;Kim Tae-Su;Kwon Ki-Ryong;Lee Kuhn-Il
    • Journal of the Institute of Electronics Engineers of Korea SP
    • /
    • v.42 no.6
    • /
    • pp.27-32
    • /
    • 2005
  • An effective video watermarking algorithm is proposed to protect the copyright. The watermarking procedure is based on a three-dimensional discrete wavelet transform (3D DWT) and spread spectrum sequences. Two perceptual binary watermarks are preprocessed using mixing and pseudorandom permutation. After dividing the video sequence into video shots, the 3D DWT is performed, then the preprocessed watermarks are embedded into the 3D DWT coefficients, while considering robustness and invisibility, using two spread spectrum sequences defined as the user key. Experimental results show that the watermarked frames are subjectively indistinguishable from the original frames, plus the proposed video watermarking algorithm is sufficiently robust against such attacks as low pass filtering, frame dropping, frame average, and MPEG coding.

On the Optimal Key Size of the Even-Mansour Cipher in the Random Function Oracle Model (랜덤 오라클 모델에서의 Even-Mansour Cipher에 대한 키 길이 최적화 방법)

  • Sung, Jae-Chul
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.3
    • /
    • pp.35-42
    • /
    • 2007
  • We describe the problem of reducing the key material in the Even-Mansour cipher without security degradation. Even and Mansour proposed a block cipher based on XORing secret key material just prior to and after applying random oracle permutation P such that $C=k_2\bigoplus P(M\bigoplus k_1)$. Recently, Gentry and Ramzan showed that this scheme in the random permutation oracle can be replaced by the four-round Feistel network construction in the random function oracle and also proved that their scheme is super-pseudorandom. In this paper we reduce the key size from 2n to n, which is the optimal key size of Even-Mansour cipher in the random function oracle model and also give almost the same level of security.

Proposal of Extendable Unbalanced Feistel Network and Proof of Pseudorandom Permutation (확장 가능한 비대칭 피스텔 네트웍의 제안 및 유사 랜덤 순열 증명)

  • Lee, Gwang-Su;Sin, Jun-Beom;Lee, Gwang-Hyeong
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.28 no.1_2
    • /
    • pp.45-51
    • /
    • 2001
  • 정보 처리량이 증가함에 따라 한번에 많은 양의 평문을 암호화 할 수 있는 입출력이 큰 블록 암호기의 필요성이 대두되고 있다. 하지만 입출력이 큰 블록 암호기를 직접 구현하는 것은 많은 비용이 든다. 따라서 이 논문에서는 기존에 존재하는 블록 암호기를 이용해서 입출력이 큰 블록 암호기를 구현할 수 있는 방법을 제안한다. 그런 뒤 새로 제안된 비대칭 피스텔 네트웍 구조가 안전한 블록 암호기가 되기 위한 조건을 분석한다. 논문의 결과는 다음과 같다. 확장 가능한 비대칭 피스텔 네트웍이 입력과 출력의 크기가 모두 n 비트인 유사 랜덤 함수 생성기를 사용하는 경우, k가 홀수이고 전체 라운드 수가 2k+1이상이면 유사 랜덤 순열 생성기이다.

  • PDF

Provable Security of 3GPP Integrity Algorithm f9 (3GPP 무결성 알고리즘 f9의 증명가능 안전성)

  • Hong, Do-won;Shin, Sang-Uk;Ryu, Heui-su;Chung, Kyo-Il
    • The KIPS Transactions:PartC
    • /
    • v.9C no.4
    • /
    • pp.573-580
    • /
    • 2002
  • Within the security architecture of the 3GPP system there is a standardised integrity algorithm f9. The integrity algorithm f9 computes a MAC to authenticate the data integrity and data origin of signalling data over a radio access link of W-CDMA IMT-2000. f9 is a variant of the standard CBC MAC based on the block cipher KASUMI. In this paper we provide the provable security of f9 We prove that f9 is secure by giving concrete bound on an adversary's inability to forge in terms of her inability to distinguish the underlying block cipher from a pseudorandom permutation.