How to Build Pseudorandom Functions from Public Random Permutations

Yu Long Chen; Eran Lambooij; Bart Mennink

doi:10.1007/978-3-030-26948-7_10

How to Build Pseudorandom Functions from Public Random Permutations

Yu Long Chen, Eran Lambooij, Bart Mennink

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Pseudorandom functions are traditionally built upon block ciphers, but with the trend of permutation based cryptography, it is a natural question to investigate the design of pseudorandom functions from random permutations. We present a generic study of how to build beyond birthday bound secure pseudorandom functions from public random permutations. We first show that a pseudorandom function based on a single permutation call cannot be secure beyond the$$2^{n/2}$$ birthday bound, where n is the state size of the function. We next consider the Sum of Even-Mansour (SoEM) construction, that instantiates the sum of permutations with the Even-Mansour construction. We prove that SoEM achieves tight$$2n{/}3$$ -bit security if it is constructed from two independent permutations and two randomly drawn keys. We also demonstrate a birthday bound attack if either the permutations or the keys are identical. Finally, we present the Sum of Key Alternating Ciphers (SoKAC) construction, a translation of Encrypted Davies-Meyer Dual to a public permutation based setting, and show that SoKAC achieves tight$$2n{/}3$$ -bit security even when a single key is used.

Original language	English
Title of host publication	Advances in Cryptology – CRYPTO 2019 - 39th Annual International Cryptology Conference, Proceedings
Editors	Daniele Micciancio, Alexandra Boldyreva
Publisher	Springer Verlag
Pages	266-293
Number of pages	28
ISBN (Print)	9783030269470
DOIs	https://doi.org/10.1007/978-3-030-26948-7_10
State	Published - 2019
Event	39th Annual International Cryptology Conference, CRYPTO 2019 - Santa Barbara, United States Duration: 18 Aug 2019 → 22 Aug 2019

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11692 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	39th Annual International Cryptology Conference, CRYPTO 2019
Country/Territory	United States
City	Santa Barbara
Period	18/08/19 → 22/08/19

Bibliographical note

Publisher Copyright:
© 2019, International Association for Cryptologic Research.

Keywords

Beyond the birthday bound
RP-to-PRF
SoEM
SoKAC

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-030-26948-7_10

Cite this

Chen, Y. L., Lambooij, E., & Mennink, B. (2019). How to Build Pseudorandom Functions from Public Random Permutations. In D. Micciancio, & A. Boldyreva (Eds.), Advances in Cryptology – CRYPTO 2019 - 39th Annual International Cryptology Conference, Proceedings (pp. 266-293). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11692 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-26948-7_10

Chen, Yu Long ; Lambooij, Eran ; Mennink, Bart. / How to Build Pseudorandom Functions from Public Random Permutations. Advances in Cryptology – CRYPTO 2019 - 39th Annual International Cryptology Conference, Proceedings. editor / Daniele Micciancio ; Alexandra Boldyreva. Springer Verlag, 2019. pp. 266-293 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{893b993ea4dd4451a515fb7f21a04704,

title = "How to Build Pseudorandom Functions from Public Random Permutations",

abstract = "Pseudorandom functions are traditionally built upon block ciphers, but with the trend of permutation based cryptography, it is a natural question to investigate the design of pseudorandom functions from random permutations. We present a generic study of how to build beyond birthday bound secure pseudorandom functions from public random permutations. We first show that a pseudorandom function based on a single permutation call cannot be secure beyond the$$2^{n/2}$$ birthday bound, where n is the state size of the function. We next consider the Sum of Even-Mansour (SoEM) construction, that instantiates the sum of permutations with the Even-Mansour construction. We prove that SoEM achieves tight$$2n{/}3$$ -bit security if it is constructed from two independent permutations and two randomly drawn keys. We also demonstrate a birthday bound attack if either the permutations or the keys are identical. Finally, we present the Sum of Key Alternating Ciphers (SoKAC) construction, a translation of Encrypted Davies-Meyer Dual to a public permutation based setting, and show that SoKAC achieves tight$$2n{/}3$$ -bit security even when a single key is used.",

keywords = "Beyond the birthday bound, RP-to-PRF, SoEM, SoKAC",

author = "Chen, {Yu Long} and Eran Lambooij and Bart Mennink",

note = "Publisher Copyright: {\textcopyright} 2019, International Association for Cryptologic Research.; 39th Annual International Cryptology Conference, CRYPTO 2019 ; Conference date: 18-08-2019 Through 22-08-2019",

year = "2019",

doi = "10.1007/978-3-030-26948-7_10",

language = "English",

isbn = "9783030269470",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "266--293",

editor = "Daniele Micciancio and Alexandra Boldyreva",

booktitle = "Advances in Cryptology – CRYPTO 2019 - 39th Annual International Cryptology Conference, Proceedings",

address = "Germany",

}

Chen, YL, Lambooij, E & Mennink, B 2019, How to Build Pseudorandom Functions from Public Random Permutations. in D Micciancio & A Boldyreva (eds), Advances in Cryptology – CRYPTO 2019 - 39th Annual International Cryptology Conference, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11692 LNCS, Springer Verlag, pp. 266-293, 39th Annual International Cryptology Conference, CRYPTO 2019, Santa Barbara, United States, 18/08/19. https://doi.org/10.1007/978-3-030-26948-7_10

How to Build Pseudorandom Functions from Public Random Permutations. / Chen, Yu Long; Lambooij, Eran; Mennink, Bart.
Advances in Cryptology – CRYPTO 2019 - 39th Annual International Cryptology Conference, Proceedings. ed. / Daniele Micciancio; Alexandra Boldyreva. Springer Verlag, 2019. p. 266-293 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11692 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - How to Build Pseudorandom Functions from Public Random Permutations

AU - Chen, Yu Long

AU - Lambooij, Eran

AU - Mennink, Bart

PY - 2019

Y1 - 2019

N2 - Pseudorandom functions are traditionally built upon block ciphers, but with the trend of permutation based cryptography, it is a natural question to investigate the design of pseudorandom functions from random permutations. We present a generic study of how to build beyond birthday bound secure pseudorandom functions from public random permutations. We first show that a pseudorandom function based on a single permutation call cannot be secure beyond the$$2^{n/2}$$ birthday bound, where n is the state size of the function. We next consider the Sum of Even-Mansour (SoEM) construction, that instantiates the sum of permutations with the Even-Mansour construction. We prove that SoEM achieves tight$$2n{/}3$$ -bit security if it is constructed from two independent permutations and two randomly drawn keys. We also demonstrate a birthday bound attack if either the permutations or the keys are identical. Finally, we present the Sum of Key Alternating Ciphers (SoKAC) construction, a translation of Encrypted Davies-Meyer Dual to a public permutation based setting, and show that SoKAC achieves tight$$2n{/}3$$ -bit security even when a single key is used.

AB - Pseudorandom functions are traditionally built upon block ciphers, but with the trend of permutation based cryptography, it is a natural question to investigate the design of pseudorandom functions from random permutations. We present a generic study of how to build beyond birthday bound secure pseudorandom functions from public random permutations. We first show that a pseudorandom function based on a single permutation call cannot be secure beyond the$$2^{n/2}$$ birthday bound, where n is the state size of the function. We next consider the Sum of Even-Mansour (SoEM) construction, that instantiates the sum of permutations with the Even-Mansour construction. We prove that SoEM achieves tight$$2n{/}3$$ -bit security if it is constructed from two independent permutations and two randomly drawn keys. We also demonstrate a birthday bound attack if either the permutations or the keys are identical. Finally, we present the Sum of Key Alternating Ciphers (SoKAC) construction, a translation of Encrypted Davies-Meyer Dual to a public permutation based setting, and show that SoKAC achieves tight$$2n{/}3$$ -bit security even when a single key is used.

KW - Beyond the birthday bound

KW - RP-to-PRF

KW - SoEM

KW - SoKAC

UR - http://www.scopus.com/inward/record.url?scp=85071740026&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-26948-7_10

DO - 10.1007/978-3-030-26948-7_10

M3 - Conference contribution

AN - SCOPUS:85071740026

SN - 9783030269470

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 266

EP - 293

BT - Advances in Cryptology – CRYPTO 2019 - 39th Annual International Cryptology Conference, Proceedings

A2 - Micciancio, Daniele

A2 - Boldyreva, Alexandra

PB - Springer Verlag

T2 - 39th Annual International Cryptology Conference, CRYPTO 2019

Y2 - 18 August 2019 through 22 August 2019

ER -

Chen YL, Lambooij E, Mennink B. How to Build Pseudorandom Functions from Public Random Permutations. In Micciancio D, Boldyreva A, editors, Advances in Cryptology – CRYPTO 2019 - 39th Annual International Cryptology Conference, Proceedings. Springer Verlag. 2019. p. 266-293. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-26948-7_10

How to Build Pseudorandom Functions from Public Random Permutations

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this