- [Home]
- [Research achievement]
- [Research achievement detail]
| Title | Efficient Domain Extension Using Weak Pseudorandom Function (in Japanese) |
|---|---|
| Authors | Kazuhiko Minematsu 、Toshiyasu Matsushima |
| Released Year | 2007 |
| Format | Conference |
| Category | Information security |
| Jounal Name | |
| Jounal Page | 不明 |
| Published Year | 2008 |
| Published Month | 1 |
| Abstract (English) |
We present an efficient solution to the domain extension problem for a block cipher. The domain extension, proposed by Ristenpart and Rogaway \cite{Ris07}, is to extend a message length of a (possibly variable-input-length) block cipher, ${\cal E}$, where the message space is $x\in\setM$, so that an incompatible input $x'\not\in\setM$ can be accepted, using an $n$-bit block cipher, $E$, with fixed $n$. This can be useful when the message length of a target application is incompatible with the block size of a block cipher that we want to use. For example, some block cipher modes (using an $n$-bit block cipher) accept only $\ell$-bit message length where $\ell$ is a multiple of $n$. While the previous proposal for the domain extension, called XLS \cite{Ris07}, uses two calls of an $n$-bit strong pseudorandom permutation and some bit shifts, our solution requires only one call of an $n$-bit block {\it weak} pseudorandom function, which is only secure against Known-Plaintext attacks, and two calls of universal hash functions. These universal hashes can be, for example, implemented with multiplications over $\txtn{GF}(2^n)$. This is obtained as a result of a recent paper \cite{Min07h} presented by the authors. |
| Note (English) |
1 |
| Manuscript | |
| Presentation |
