Short variable length domain extenders with beyond birthday bound security

Document Type

Conference Article

Publication Title

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)


Length doublers are cryptographic functions that transform an n-bit cryptographic primitive into an efficient and secure cipher that length-preservingly encrypts strings of length in [n,2n-1]. All currently known constructions are only proven secure up to the birthday bound, and for all but one construction this bound is known to be tight. We consider the remaining candidate, LDT by Chen et al. (ToSC 2017(3)), and prove that it achieves beyond the birthday bound security for the domain [n, 3n/2). We generalize the construction to multiple rounds and demonstrate that by adding one more encryption layer to LDT}, beyond the birthday bound security can be achieved for all strings of length in [n,2n-1]: security up to around 22n/3 for the encryption of strings close to n and security up to around 2n for strings of length close to 2n. The security analysis of both schemes is performed in a modular manner through the introduction and analysis of a new concept called “harmonic permutation primitives.”

First Page


Last Page




Publication Date


This document is currently not available here.