|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Rekeyable Ideal Cipher from a Few Random Oracles
If you have a question about this talk, please contact Microsoft Research Cambridge Talks Admins.
Reducing the security of a complex construction to that of a simpler primitive is one of the central methods of cryptography. Rather recently, in the domain of cryptographic hashing, such constructions as Merkle-Damgard and sponge based on a fixed-length random oracle (compression function or permutation) have been proven indifferentiable from a finite-length random oracle. Moreover, Feistel based on a fixed-length random oracle has been shown indifferentiable from a wider random oracle. In this talk we address the fundamental question of constructing an ideal cipher (consisting of exponentially many random oracles) from a small number of fixed-length random oracles.
In this talk, we show that the multiple Even-Mansour construction with 4 rounds, randomly drawn fixed underlying permutations and a bijective key schedule, is indifferentiable from ideal cipher. Our proof is accompanied by an efficient differentiability attack on multiple Even-Mansour with 3 rounds.
Practically speaking, we provide a construction of an ideal cipher as a set of exponentially many permutations from just as few as 4 permutations. On the theoretical side, this is result confirms the equivalence between ideal cipher and random oracle models.
This talk is part of the Microsoft Research Cambridge, public talks series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsBiological Anthropology Lent Term Seminars 2011 Innovation Forum Exoplanet Meetings
Other talksAda Lovelace Day Talk and Wikipedia Edit-a-thon 'The cultural self-fashioning of Frederick the Great' Structural Stories about Devious Parasites The 2016 Immunosuppression Summit: Problems of immunosuppression and overcoming them Breaking Card: Reverse-Engineering the Smart-Card Application Protocol Data Unit Engaging stakeholders about the science of climate change