Abstract
Constructing a block cipher requires defining a random permutation, which is usually done with the Feistel scheme and its variants. In this paper we investigate the Lai-Massey scheme, which was used in IDEA. We show that it cannot be used "as is" to obtain results like the Luby-Rackoff theorem. This can however be done by introducing a simple function with an orthomorphism property. We also show that this design offers nice decorrelation properties, and we propose a block cipher family called Walnut.
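The abstract's point can be made concrete with a toy model. The following is an added example, not code from the paper or from Walnut: a Lai-Massey round over two 16-bit halves with XOR as the group operation, a round function F_k built from HMAC-SHA256 as a stand-in for a pseudorandom function, and the candidate orthomorphism sigma(a, b) = (b, a XOR b) on the two bytes of a half (all three choices are assumptions made here). The check `is_orthomorphism` verifies exhaustively that both sigma and x -> sigma(x) XOR x are permutations; `fraction_preserving_difference` measures how often L XOR R survives encryption, which is always (the structural weakness of the plain scheme) unless the orthomorphism is applied; and `decrypt` shows why the scheme stays invertible in both variants.

```python
"""Toy Lai-Massey scheme over 16-bit halves, with and without an orthomorphism.

Added illustration; not code from the paper.  Assumptions (constructed here):
  * the group operation is XOR on 16-bit halves;
  * the round function F_k is an HMAC-SHA256 stand-in for a pseudorandom function;
  * the orthomorphism sigma splits a half into two bytes (a, b) and maps it to (b, a ^ b).
"""
import hashlib
import hmac
import random

HALF_BITS = 16
MASK = (1 << HALF_BITS) - 1


def round_function(key: bytes, rnd: int, x: int) -> int:
    """PRF stand-in F_k(x): truncate HMAC-SHA256(key, rnd || x) to one 16-bit half."""
    msg = bytes([rnd]) + (x & MASK).to_bytes(2, "big")
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:2], "big")


def sigma(x: int) -> int:
    """Orthomorphism candidate on GF(2)^16: (a, b) -> (b, a ^ b)."""
    a, b = x >> 8, x & 0xFF
    return (b << 8) | (a ^ b)


def sigma_inv(y: int) -> int:
    """Inverse of sigma: (u, v) = (b, a ^ b)  =>  a = u ^ v, b = u."""
    u, v = y >> 8, y & 0xFF
    return ((u ^ v) << 8) | u


def is_orthomorphism(f, bits: int = HALF_BITS) -> bool:
    """Hall-Paige style check: f and x -> f(x) ^ x must both be permutations."""
    n = 1 << bits
    return (len({f(x) & (n - 1) for x in range(n)}) == n
            and len({(f(x) ^ x) & (n - 1) for x in range(n)}) == n)


def encrypt(key: bytes, L: int, R: int, rounds: int = 4, ortho: bool = True):
    """Lai-Massey encryption; ortho=False is the scheme 'as is'."""
    for rnd in range(rounds):
        t = round_function(key, rnd, L ^ R)
        L, R = L ^ t, R ^ t          # plain Lai-Massey: both halves get the same t
        if ortho:
            L = sigma(L)             # orthomorphism on one half breaks the symmetry
    return L, R


def decrypt(key: bytes, L: int, R: int, rounds: int = 4, ortho: bool = True):
    """Inverse of encrypt: L ^ R is untouched by the XOR-with-t step, so t is recomputable."""
    for rnd in reversed(range(rounds)):
        if ortho:
            L = sigma_inv(L)
        t = round_function(key, rnd, L ^ R)
        L, R = L ^ t, R ^ t
    return L, R


def fraction_preserving_difference(key: bytes, ortho: bool, trials: int = 200, seed: int = 1) -> float:
    """Fraction of random inputs for which L ^ R survives encryption unchanged.

    Without the orthomorphism this is exactly 1.0 for any key and any number of
    rounds: the property a designer must rule out before claiming pseudorandomness.
    """
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        L, R = rng.getrandbits(HALF_BITS), rng.getrandbits(HALF_BITS)
        L2, R2 = encrypt(key, L, R, ortho=ortho)
        hits += (L2 ^ R2) == (L ^ R)
    return hits / trials


if __name__ == "__main__":
    k = b"constructed-demo-key"
    print("sigma is an orthomorphism:", is_orthomorphism(sigma))
    print("difference preserved, no orthomorphism:", fraction_preserving_difference(k, False))
    print("difference preserved, with orthomorphism:", fraction_preserving_difference(k, True))
```

With the orthomorphism in place, a single round preserves L XOR R only when sigma(L XOR t) XOR (L XOR t) = 0, and because x -> sigma(x) XOR x is a permutation fixing 0 that happens only when t = L, i.e. with probability about 2^-16 per input for a pseudorandom F_k. Replacing sigma with the identity or with a constant XOR makes `is_orthomorphism` fail, since x -> f(x) XOR x then collapses to a constant.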
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vaudenay, S. (1999). On the Lai-Massey Scheme. In: Lam, KY., Okamoto, E., Xing, C. (eds) Advances in Cryptology - ASIACRYPT’99. ASIACRYPT 1999. Lecture Notes in Computer Science, vol 1716. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-48000-6_2
DOI: https://doi.org/10.1007/978-3-540-48000-6_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66666-0
Online ISBN: 978-3-540-48000-6