[an error occurred while processing this directive]
Elastic Block Ciphers
### Thesis Abstract: Elastic Block Ciphers

Standard block ciphers are designed around one or a small number of block
sizes. From both a practical and a theoretical perspective, the question of
how to efficiently support a range of block sizes is of interest. In
applications, the length of the data to be encrypted is often not a
multiple of the supported block size. This results in the use of
plaintext-padding schemes that impose computational and space overheads.
Furthermore, a variable-length block cipher ideally provides a
variable-length pseudorandom permutation and strong pseudorandom permutation,
which are theoretical counterparts of practical block ciphers and correspond to
ideal properties for a block cipher.

The focus of my research is the design and analysis of a method for
creating variable-length block ciphers from existing fixed-length block
ciphers. As the heart of the method, I introduce the concept of an
elastic block cipher, which refers to stretching the supported block
size of a block cipher to any length up to twice the original block
size while incurring a computational workload that is proportional to the
block size. I create a structure, referred to as the elastic network,
that uses the round function from any existing block cipher in a manner that
allows the properties of the round function to be maintained
and results in the security of the elastic version of a block cipher being
directly related to that of the original version. By forming a reduction
between the elastic and original versions, I prove that the
elastic version of a cipher is secure against round-key recovery attacks if the
original cipher is secure against such attacks. I illustrate the method by
creating elastic versions of four existing block ciphers.
In addition, the elastic network provides a new primitive structure for use in
symmetric-key cipher design. It allows for the creation of variable-length
pseudorandom permutations and strong pseudorandom permutations (a PRP and SPRP
for each length)
in the range of
b to 2b bits from round
functions that are independently chosen pseudorandom permutations on b bits.