JISE

[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21]

Journal of Information Science and Engineering, Vol. 31 No. 3, pp. 1085-1096

The Pseudorandomness of Many-Round Lai-Massey Scheme

YIYUAN LUO^1,2, XUEJIA LAI² AND JING HU¹
¹School of Electronics and Information
Shanghai Dian Ji University
Shanghai, 200240 P.R. China
E-mail: {luoyy; hujing}@sdju.edu.cn
²Department of Computer Science and Engineering
Shanghai Jiao Tong University
Shanghai, 200240 P.R. China
E-mail: lai-xj@cs.sjtu.edu.cnn

In this paper we prove beyond-birthday-bound for the (strong) pseudorandomness of many-round Lai-Massey scheme. Motivated by Hoang and Rogaway's analysis of generalized Feistel networks, we use the coupling technology from Markov chain theory and prove that for any e > 0, with enough rounds, the Lai-Massey scheme is indistinguishable from a uniform random permutation by any computationally unbounded distinguisher making at most q~N^1-t combined chosen plaintext/ciphertext (CCA) queries, where N is the range size of the round function. Previous works by Vaudenay et al. and Yunet al. only proved the birthday-bound CCA security of Lai-Massey scheme.

Keywords: cryptography, block cipher, Lai-Massey scheme, Pseudorandomness, coupling

Retrieve PDF document (JISE_201503_17.pdf)