Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
FSE
2003
Springer
2003
Springer
The Security of "One-Block-to-Many" Modes of Operation
In this paper, we investigate the security, in the Luby-Rackoff security paradigm, of blockcipher modes of operation allowing to expand a one-block input into a longer t-block output under the control of a secret key K. Such “one-block-to-many” modes of operation are of frequent use in cryptology. They can be used for stream cipher encryption purposes, and for authentication and key distribution purposes in contexts such as mobile communications. We show that although the expansion functions resulting from modes of operation of blockciphers such as the counter mode or the output feedback mode are not pseudorandom, slight modifications of these two modes provide pseudorandom expansion functions. The main result of this paper is a detailed proof, in the Luby-Rackoff security model, that the expansion function used in the construction of the third generation mobile (UMTS) example authentication and key agreement algorithm MILENAGE is pseudorandom.
Real-time TrafficCryptography | Expansion Function | FSE 2003 | Luby-Rackoff Security | Pseudorandom Expansion Functions |
Related Content
| Added | 06 Jul 2010 |
| Updated | 06 Jul 2010 |
| Type | Conference |
| Year | 2003 |
| Where | FSE |
| Authors | Henri Gilbert |
Comments (0)
Researcher Info
|
