Abstract

At CRYPTO 2019, Chen et al. initiated an interesting research direction: designing PRFs based on public permutations. They proposed two beyond-the-birthday-bound secure n-bit to n-bit PRF constructions, SoEM22 and SoKAC21, built on public permutations, where n is the size of the permutation. However, both constructions require two independent instances of public permutations. At FSE 2020, Chakraborti et al. proposed a single public permutation based n-bit to n-bit beyond-the-birthday-bound secure PRF, which they call PDMMAC. Although the construction is minimal in the number of permutations, its design requires an inverse call of the underlying permutation. Constructing a beyond-the-birthday-bound secure public permutation based n-bit to n-bit PRF with a single permutation and two forward calls was left as an open problem in their paper. In this work, we propose pEDM, a single permutation based n-bit to n-bit PRF with two calls that does not require invertibility of the permutation. We show that our construction is secure against all adaptive information-theoretic distinguishers that make roughly up to 2^{2n/3} construction and primitive queries. Moreover, we show a matching attack with similar query complexity, which establishes the tightness of our security bound.

Highlights

  • Luby and Rackoff [LR88], in their seminal work, have shown how to construct a keyed pseudorandom permutation (PRP) or, in other words, block cipher from secret keyed pseudorandom functions (PRF)

  • We propose pEDM, the first fixed-input and fixed-output length single permutation based beyond the birthday bound secure PRF that operates in a sequential mode without requiring the inverse call of the permutation

  • This paper has proposed an inverse-free single permutation based beyond the birthday bound secure PRF that requires 2n-bit keys


Summary

Introduction

Luby and Rackoff [LR88], in their seminal work, showed how to construct a keyed pseudorandom permutation (PRP), in other words a block cipher, from secret-keyed pseudorandom functions (PRFs). Their work was a theoretical model for formally arguing the security of the DES block cipher, which consists of r rounds of Feistel constructions invoking independent instances of keyed functions. The necessity of designing PRFs out of PRPs as primitives of cryptographic designs was soon realized [BKR98]. Such designs are popularly known as beyond birthday bound (BBB) secure designs. In this direction, Hall et al. [HWKS98] proposed a BBB secure PRF, called Truncation, that takes an n-bit block cipher E_k and truncates the result to a bits. This construction was later proven to be secure up to 2^{n−a/2} queries [BI99, GG16], where n − a is the number of discarded bits.
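As an added illustration of the Truncation PRF described above (example code, not the paper's own), the following Python models E_k as a uniformly random permutation table on a toy block size and keeps the top a bits. The parameter values n = 12 and a = 6 are constructed for the demonstration; a real block cipher would have n = 128. The collision-probability helpers show why truncation is not a perfect random function: two distinct inputs collide on their a-bit outputs slightly less often than 2^{-a}, because the underlying n-bit outputs are always distinct, which is the statistical gap behind the 2^{n−a/2} bound quoted in the text.

```python
import math
import secrets

# Toy parameters (constructed for illustration; a real block cipher has n = 128).
N_BITS = 12   # block size n of the underlying "block cipher" E_k
A_BITS = 6    # number of output bits a kept after truncation


def random_permutation(n_bits):
    """Stand-in for a keyed block cipher E_k: a uniformly random permutation
    of {0,1}^n stored as a lookup table, built with a Fisher-Yates shuffle
    driven by a cryptographic RNG."""
    table = list(range(1 << n_bits))
    for i in range(len(table) - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        table[i], table[j] = table[j], table[i]
    return table


def truncation_prf(perm, x, n_bits=N_BITS, a_bits=A_BITS):
    """Truncation PRF of Hall et al.: evaluate E_k(x) and keep the a most
    significant bits, discarding the remaining n - a bits."""
    return perm[x] >> (n_bits - a_bits)


def count_output_collisions(perm, n_bits=N_BITS, a_bits=A_BITS):
    """Number of unordered input pairs {x, x'} whose truncated outputs are
    equal, counted over the whole domain {0,1}^n.  Because perm is a
    permutation, every a-bit output has exactly 2^(n-a) preimages, so the
    result is 2^a * C(2^(n-a), 2) regardless of which permutation was drawn."""
    buckets = [0] * (1 << a_bits)
    for x in range(1 << n_bits):
        buckets[truncation_prf(perm, x, n_bits, a_bits)] += 1
    return sum(math.comb(c, 2) for c in buckets)


def collision_prob_truncated_perm(n_bits=N_BITS, a_bits=A_BITS):
    """Exact probability that two distinct inputs collide on their a-bit
    truncated outputs.  The two n-bit outputs are distinct, so the second
    must land on one of the 2^(n-a) - 1 other values sharing the prefix."""
    return ((1 << (n_bits - a_bits)) - 1) / ((1 << n_bits) - 1)


def collision_prob_random_function(a_bits=A_BITS):
    """Same probability for an ideal random function into {0,1}^a."""
    return 1 / (1 << a_bits)


def query_bound(n_bits=N_BITS, a_bits=A_BITS):
    """The 2^(n - a/2) query threshold quoted for Truncation [BI99, GG16]."""
    return 2 ** (n_bits - a_bits / 2)


if __name__ == "__main__":
    perm = random_permutation(N_BITS)
    total_pairs = math.comb(1 << N_BITS, 2)
    observed = count_output_collisions(perm) / total_pairs
    print(f"truncated permutation, observed pair-collision rate: {observed:.6f}")
    print(f"truncated permutation, analytic:                     {collision_prob_truncated_perm():.6f}")
    print(f"ideal random function, analytic:                     {collision_prob_random_function():.6f}")
    print(f"query bound 2^(n - a/2) for these parameters:        {query_bound():.0f}")
```

The observed rate matches the analytic value exactly because the count is taken over the full domain; with q queries well below 2^{n−a/2} the tiny deficit in collisions is not observable, which is the content of the security bound.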

Permutation Based Cryptography
Our Contribution
Preliminaries
A Simple Result on Probability
Public Permutation Based Pseudorandom Functions
Sum Capture Lemma
Security of pEDM
Matching Attack on pEDM
Analysis of the Key-Recovery Advantage
Proof of Theorem 1
Definition and Probability of Bad Transcripts
Analysis of Good Transcripts
Proof of Good Lemma
Final Calculation
Conclusion and Future Works
Proof of Lemma 1
