On the Lai-Massey scheme

Constructing a block cipher requires us to define a random permutation, which is usually performed by the Feistel scheme and its variants. In this paper we investigate the Lai-Massey scheme which was used in IDEA. We show that we cannot use it “as is” in order to obtain results like the Luby-Rackoff theorem. This can however be done by introducing a simple function which has an orthomorphism property. We also show that this design offers nice decorrelation properties, and we propose a block cipher family called Walnut


Published in:
International Conference on the Theory and Applications of Cryptology and Information Security, Advances in Cryptology - ASIACRYPT'99, 1716, 8-19
Presented at:
International Conference on the Theory and Applications of Cryptology and Information Security, Advances in Cryptology - ASIACRYPT'99, Singapore, November 14-18, 1999
Year:
1999
Laboratories:




 Record created 2007-01-18, last modified 2018-03-17

n/a:
Download fulltextPS
External link:
Download fulltextURL
Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)