Title | Efficient Domain Extension Using Weak Pseudorandom Function (in Japanese) |
---|---|
Authors | Kazuhiko Minematsu, Toshiyasu Matsushima |
Released Year | 2007 |
Format | Conference |
Category | Information security |
Journal Name | |
Journal Page | Unknown |
Published Year | 2008 |
Published Month | 1 |
Abstract (English) |
We present an efficient solution to the domain extension problem for a block cipher. Domain extension, proposed by Ristenpart and Rogaway \cite{Ris07}, extends the message length of a (possibly variable-input-length) block cipher, $\mathcal{E}$, where the message space is $x\in\mathcal{M}$, so that an incompatible input $x'\not\in\mathcal{M}$ can be accepted, using an $n$-bit block cipher, $E$, with fixed $n$. This is useful when the message length of a target application is incompatible with the block size of the block cipher that we want to use. For example, some block cipher modes (using an $n$-bit block cipher) accept only $\ell$-bit messages where $\ell$ is a multiple of $n$. While the previous proposal for domain extension, called XLS \cite{Ris07}, uses two calls of an $n$-bit strong pseudorandom permutation and some bit shifts, our solution requires only one call of an $n$-bit block \textit{weak} pseudorandom function, which is only secure against known-plaintext attacks, and two calls of universal hash functions. These universal hashes can be implemented, for example, with multiplications over $\mathrm{GF}(2^n)$. This result follows from a recent paper \cite{Min07h} presented by the authors. |
Note (English) |
1 |
Manuscript | |
Presentation |