Abstract.
Luby and Rackoff [26] showed a method for constructing a pseudorandom permutation from a pseudorandom function. The method is based on composing four (or three for weakened security) so-called Feistel permutations, each of which requires the evaluation of a pseudorandom function. We reduce somewhat the complexity of the construction and simplify its proof of security by showing that two Feistel permutations are sufficient together with initial and final pairwise independent permutations. The revised construction and proof provide a framework in which similar constructions may be brought up and their security can be easily proved. We demonstrate this by presenting some additional adjustments of the construction that achieve the following:
• Reduce the success probability of the adversary.
• Provide a construction of pseudorandom permutations with large input-length using pseudorandom functions with small input-length.
Article PDF
Similar content being viewed by others
Avoid common mistakes on your manuscript.
Author information
Authors and Affiliations
Additional information
Received 2 August 1996 and revised 26 July 1997
Rights and permissions
About this article
Cite this article
Naor, M., Reingold, O. On the Construction of Pseudorandom Permutations: Luby—Rackoff Revisited . J. Cryptology 12, 29–66 (1999). https://doi.org/10.1007/PL00003817
Published:
Issue Date:
DOI: https://doi.org/10.1007/PL00003817