Schroeppel, R., and Orman, H. Introduction to the hasty pudding cipher. In Proceedings from the First Advanced Encryption Standard Candidate Conference, National Institute of Standards and Technology, Aug. 1998. See http://www.cs.arizona.edu/~rcs/hpc/.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....will know what are the two missing numbers, c 1 and c 2 , but the adversary won t be able to ascertain if EK (1) c 1 and EK (2) c 2 , or if EK (1) c 2 and EK (2) c 1 , instead. Our Contributions. Though the problem of enciphering on an arbitrary domain has been considered before [13], here we draw attention to this problem and give the rst rigorous treatment, providing a few solutions together with their analyses. Our solutions focus on the case in which the message space is M = 0; k 1] though we sketch extensions to some other message spaces, like Z pq and common ....

....to encipher a string in ZN , where N is a 1024 bit number, using a block cipher with block length of 1024 bits. A block cipher with a long block length, like this, can be constructed from a standard block cipher by following works like [3, 9, 11] This construction has been suggested before [13]; our main contribution here is the analysis of the construction. A nal method which we look at chooses an a; b where ab k and performs a Feistel construction on the message m, but uses a left hand side in Z a and a righthand side in Z b . Our analysis of this is an adaptation of Luby and ....

[Article contains additional citation context not shown here]

Schroeppel, R., and Orman, H. Introduction to the hasty pudding cipher. In Proceedings from the First Advanced Encryption Standard Candidate Conference, National Institute of Standards and Technology, Aug. 1998. See http://www.cs.arizona.edu/~rcs/hpc/.

....how to make any of the constructions above apply to message spaces which are not sets of strings. Probably several of the constructions can modi ed, and in multiple ways, to deal with a message space M = 0; k 1] or with other message spaces. The Hasty Pudding Cipher of Schroeppel and Orman [12] is a block cipher which works on any domain [0; k 1] They use what is essentially our Method 2, internally iterating the cipher until a proper domain point is reached. Our notion of a pseudorandom function is due to Goldreich, Goldwasser and Micali [5] Pseudorandom permutations are de ned ....

Schroeppel, R., and Orman, H. Introduction to the hasty pudding cipher. In Proceedings from the First Advanced Encryption Standard Candidate Conference, National Institute of Standards and Technology, Aug. 1998.

....it provides added value to new designs. Accordingly, we sorted the candidates into three classes: those which have empirical security, heuristic security, and finally some form of provable security. The class of candidates based on empirical security is quite small since it is restricted to HPC [46] and Frog [15] The class of provable security is equally reduced: Deal and DFC. 1.7 Smart Cards It is obvious that implementability on smart cards is an important advantage for the AES candidates, since smart cards are now used in many applications. Accordingly we have to consider two ....

....prove that Deal has at least the same security as DES (without assuming that DES looks random) In particular, unless we find an attack against DES better than Matsui s, we need at least 2 43 known plain texts to break Deal. We know that this provable security result is not enough. Frog and HPC [15, 46] Actually these two candidates do not reference any research results. Their security is empirical in the sense that they will be considered secure until someone finds an attack. We think this paradigm ignores all recent advances in research and should not be considered. Magenta [20] Due to the ....

R. Schroeppel, H. Orman. Introduction to the Hasty Pudding Cipher. In Proceedings from the First Advanced Encryption Standard Candidate Conference, National Institute of Standards and Technology (NIST), August 1998.

No context found.

R. Schroeppel, H. Orman. Introduction to the Hasty Pudding Cipher. In Proceedings from the First Advanced Encryption Standard Candidate Conference, National Institute of Standards and Technology #NIST#, August 1998.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC