Portal de Periódicos da CAPES

A construction of a cipher from a single pseudorandom permutation

1993; Springer Science+Business Media; Linguagem: Inglês

10.1007/3-540-57332-1_17

1611-3349

Shimon Even, Yishay Mansour,

Benford’s Law and Fraud Detection

Shannon defined a random cipher as a collection of randomly chosen permutations, one for each value of the key. We suggest a scheme for a block cipher which uses only one randomly chosen permutation, F. The key, consisting of two blocks, K 1 and K 2 is used in the following way: The message block is XORed with K 1 before applying F, and the outcome is XORed with K 2, to produce the cryptogram block. This removes the need to store, or generate a multitude of permutations. Although the resulting cipher is not random, we claim that it is secure. First, it is shown that if F is chosen randomly then, with high probability the scheme is secure against any polynomial-time algorithmic attack. Next, it is shown that if F is chosen pseudorandomly, the system remains secure against oracle-type attacks. The scheme may lead to a system more efficient than systems such as the DES and its siblings, since the designer has to worry about one thing only: How to implement one pseudorandomly chosen permutation. This may be easier than getting one for each key.