惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

N
News and Events Feed by Topic
酷 壳 – CoolShell
酷 壳 – CoolShell
G
Google Developers Blog
N
Netflix TechBlog - Medium
Recorded Future
Recorded Future
S
Securelist
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Scott Helme
Scott Helme
C
Check Point Blog
量子位
月光博客
月光博客
Last Week in AI
Last Week in AI
C
Cisco Blogs
G
GRAHAM CLULEY
B
Blog RSS Feed
K
Kaspersky official blog
爱范儿
爱范儿
J
Java Code Geeks
I
Intezer
aimingoo的专栏
aimingoo的专栏
WordPress大学
WordPress大学
云风的 BLOG
云风的 BLOG
C
CXSECURITY Database RSS Feed - CXSecurity.com
H
Hackread – Cybersecurity News, Data Breaches, AI and More
博客园 - 三生石上(FineUI控件)
罗磊的独立博客
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
MongoDB | Blog
MongoDB | Blog
T
Threat Research - Cisco Blogs
N
News | PayPal Newsroom
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Security Latest
Security Latest
T
Tailwind CSS Blog
人人都是产品经理
人人都是产品经理
P
Privacy International News Feed
The Cloudflare Blog
H
Heimdal Security Blog
宝玉的分享
宝玉的分享
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
腾讯CDC
GbyAI
GbyAI
V
Visual Studio Blog
Recent Commits to openclaw:main
Recent Commits to openclaw:main
博客园 - 聂微东
T
Tenable Blog
The Register - Security
The Register - Security
AI
AI
C
Cybersecurity and Infrastructure Security Agency CISA
S
Schneier on Security
L
LangChain Blog

Cryptology ePrint Archive

Fast Isogeny Evaluation on Binary Curves Quick Draw Queries: Lightweight Searchable Public-key Ciphertexts with Hidden Structures via Non-Interactive Key Exchange A Constructive Treatment of Authentication Boolean Arithmetic over $\mathbb{F}_2$ from Group Commutators HAWK with Hint: Algebraic Key Recovery from Side-Channel Leakage Post-Quantum Secure k-Times Traceable Ring Signature A Key Schedule Design and Evaluation under Boundary Round-Key Leakage 2G2T: Constant-Size, Statistically Sound MSM Outsourcing Proximity Signatures Breaking Optimized HQC: The First Cache-Timing Full Decryption Oracle Key-Recovery Attack in Post-Quantum Cryptography Efficient Partially Blind Signatures from Isogenies Evaluating PQC KEMs, Combiners, and Cascade Encryption via Adaptive IND-CPA Testing Using Deep Learning High-Throughput Side-Channel-Protected Stream Cipher Hardware for 6G Systems Efficient e = 3 Threshold RSA via Integer Coordinates for Intel SGX Zeal: PIR for Non-Cooperative Databases VEIL: Lightweight Zero-Knowledge for Hash-Based Multilinear Proof Systems Witness-Indistinguishable Arguments of Knowledge and One-Way Functions The many faces of Schnorr: a touch-up Open Problems in List Decoding and Correlated Agreement Compressed Key Exchange Protocol from Orientations of Large Discriminant Using AVX-512 SPLASH: SPeculative Leakage-Adaptive Secure Hardware An Efficient Identity-Based Blind Signature Scheme from SM9 Efficient Batch Threshold Encryption Using Partial Fraction Techniques A note on the Unsuitability of LIGA for Linkable Ring Signatures: The perils of non-commutativity Verification Facade: Masquerading Insecure Cryptographic Implementations as Verified Code Cryptographic Implications of Worst-Case Hardness of Time-Bounded Kolmogorov Complexity Efficient Merkle-Tree Consistent Accumulator FLOSS: Fast Linear Online Secret-Shared Shuffling Which Privacy Blanket is Optimal in the Shuffle Model? Applications of Bruhat-Chevalley-Renner Decomposition to Metric-Aware Code-Based Cryptography Expanders Meet Reed-Muller: Easy Instances of Noisy k-XOR Verifiable Divide-and-Conquer Pseudorandomness of UFLM: A Characterization via Its Linear Layer QED-Lite: Lightweight Detection of Quantum-Vulnerable ELF Binaries via Cryptographic Library Version Fingerprinting Reformulating the SNOVA Signature Scheme Game Theory Does Not Always Help: The Case of Statistical Multi-Party Coin Tossing Improved Codes and Decoders for HQC Delegate: Coalition Proof Incentivized Outsourced Computation with Smart Contracts Fast and Efficient Perfectly Secure Network-Agnostic Secure Computation Tighter Bounds for the Oblivious Bit-Fixing Inner Product Extractor on Biased Seeds Random Robust Secret Sharing with Perfect Privacy and its Applications Counting and recovering the quadratic relations of a vectorial function A Search-to-Decision Reduction for Continuous LWE Robot: Robust Threshold BBS+ in Two Rounds Perils of Parallelism: Transaction Fee Mechanisms under Execution Uncertainty Synthesis of RTL-based Characterization Programs for Fault Injection SSLE-DAG: A High-Throughput Proof-of-Stake Consensus Protocol Combining an Adaptive DAG with a Single Secret Leader Election On Optimal Information-Theoretic Security in Symmetric Encryption under Low-Entropy Keys Efficient and Parallel Implementation of Isogeny-based Deterministic Group Actions Fast and Compact Lattice-Based Registration-Based Encryption Graph-based Asynchrony with Quasilinear Complexity for Any Linear Verifiable Secret Sharing Scheme MTSF --- Market-Theoretic Security Framework: A Unified Paradigm For The Art Of Proving and Disproving Security Ticket to Hide: Private, Practical Proofs of Provenance for TLS Linear Code Equivalence via Plücker Coordinates Survey of isogeny-based signature schemes resistant to Castryck–Decru attack On the Need for (Quantum) Memory with Short Outputs Simulating Noisy Leakage with Bounded Leakage: Simpler, Better, Faster Relaxed Modular PCS from Arbitrary PCS and Applications to SNARKs for Integers Tripling on Hessian curves via isogeny decomposition Reducing the Number of Qubits in Quantum Discrete Logarithms on Elliptic Curves At-Compromise Security: The Case for Alert Blindness A Practical Neighborhood Search Attack on Oracle MLWE Designated-Verifier Dynamic zk-SNARKs with Applications to Dynamic Proofs of Index Abelian surfaces in Hesse form and explicit isogeny formulas Efficiently Provable Approximations for Non-Polynomial Functions Laminate: Succinct SIMD-Friendly Verifiable FHE Accelerating FrodoKEM in Hardware TSS-PV: Traceable Secret Sharing with Public Verifiability PIRANHAS: PrIvacy-Preserving Remote Attestation in Non-Hierarchical Asynchronous Swarms Small-field hash-based SNARGs are less sound than conjectured Hash-Based Blind Signatures: First Steps Partial Fraction Techniques for Cryptography VIA: Communication-Efficient Single-Server Private Information Retrieval Enabling Index-free Adjacency in Oblivious Graph Processing with Delayed Duplications Accurate BGV Parameters Selection: Accounting for Secret and Public Key Dependencies in Average-Case Analysis Multi-Party Functional Encryption (MPFE): A tool in the distributed and decentralized world Compact, Efficient and CCA-Secure Updatable Encryption from Isogenies Faster Homomorphic Integer Computer Tempo: An ML-KEM to PAKE Compiler Resilient to Timing Attacks OhLaLa: Combined Security against Region Fault Attacks in Constant Protection Order Threshold Signatures Reloaded: ML-DSA and Enhanced Raccoon with Identifiable Aborts The Pipes Model for Latency and Throughput Analysis Tighter Quantum Security for Fiat-Shamir-with-Aborts and Hash-and-Sign-with-Retry Signatures InstaRand: Instantly Available and Instantly Verifiable On-chain Randomness Simple and Efficient Lattice Threshold Signatures with Identifiable Aborts BERMUDA: A BPSec-Compatible Key Management Scheme for DTNs Making Uncertified DAG BFT Provably Live with Linear Payload and Quadratic Metadata Communication A proof of P≠NP (New symmetric encryption algorithm against any linear attacks and differential attacks) ETK: External-Operations TreeKEM and the Security of MLS in RFC 9420 A Combinatorial Attack on Ternary Sparse Learning with Errors (sLWE) A Divide-and-Conquer Strategy for Hard-Label Extraction of Deep Neural Networks via Side-Channel Attacks On the practicality of quantum sieving algorithms for the shortest vector problem Dynamic zk-SNARKs (with applications to sparse zk-SNARKs and IVC) ProxCode: Efficient Proximity Searchable Encryption from Error Correcting Codes Two-Round Threshold Signature from Algebraic One-More Learning with Errors The Last Challenge Attack on Fiat-Shamir in KZG-based SNARKs A New Perspective on Key Switching for BGV-like Schemes Improved Circuit Synthesis with Multi-Value Bootstrapping for FHEW-like Schemes DiStefano: Decentralized Infrastructure for Sharing Trusted Encrypted Facts and Nothing More Finding and Evaluating Parameters for BGV
Computer-Aided Proof for Extended Generalized Feistel Networks
Yuchao Chen · 2026-05-26 · via Cryptology ePrint Archive

Paper 2026/1057

Computer-Aided Proof for Extended Generalized Feistel Networks

, School of Cyber Science and Technology, Shandong University, Qingdao, China, State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China

Chun Guo, School of Cyber Science and Technology, Shandong University, Qingdao, China, State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China

Muzhou Li, School of Cryptologic Science and Engineering, Shandong University, Jinan, China, State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, Quancheng Laboratory, Jinan, 250103, China

Shuo Peng, School of Cyber Science and Technology, Shandong University, Qingdao, China, State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China

Hao Lei, School of Cyber Science and Technology, Shandong University, Qingdao, China, State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China

Guang Zeng, Huawei technologies, Beijing, China

Meiqin Wang, School of Cyber Science and Technology, Shandong University, Qingdao, China, State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, Quancheng Laboratory, Jinan, 250103, China

Abstract

(Multi-branch) Generalized Feistel Network~(GFN) enables the construction of block ciphers from non-linear components with small domains, and has been adopted in various block ciphers. Berger et al. (SAC 2013) introduced the Extended Generalized Feistel Network~(EGFN), which unified and extended existing Feistel-like structures by using a matrix representation. Given an arbitrary matrix, it is typically difficult to determine how many EGFN rounds are sufficient for pseudorandom permutation (PRP) and strong PRP (SPRP) security. Remarkably, security proofs for structures with a larger number of branches have to analyze a huge amount of collision events, which is overly complicated and prone to errors. To remedy this situation, we present AutoEGFN, a computer-aided proof tool that determines the number of rounds sufficient for PRP and SPRP security for various variants of EGFN. The tool operates by calculating three parameters: $r_1$, $r_2$, and $r_3$. The validity and soundness of AutoEGFN are formally established by a detailed security proof. To demonstrate the effectiveness of AutoEGFN, we have applied it to multiple structures such as Type-1/2 GFN (Zheng et al., CRYPTO 1989), YI11's Type-1 GFN (Yanagihara and Iwata, CANS 2011), DFLM19's GFN (Derbez et al., FSE 2019), DDGP22's GFN (Delaune et al., INDOCRYPT 2022), Type-1.x GFN (Yanagihara and Iwata, IEICE 2014), SH/TH GFN (Yanagihara and Iwata, CANS 2011), Nyberg's GFN (Nyberg, ASIACRYPT 1996), SM's GFN (Suzaki and Minematsu, FSE 2010), and BMT's EGFN (Berger et al., SAC 2013). As a result, we provide a systematic analysis of the (S)PRP security for Type-1 and Type-2 structures for different numbers of branches. Our tool efficiently determines the concrete number of rounds required to ensure PRP and SPRP security for EGFNs with different branch numbers. For comparison, previous work only proved the (S)PRP security for 8- and 16-branch BMT's EGFN. Our tool completes the proof within several minutes, even for variants with $32$ branches. Meanwhile, for the other structures, we provide the first concrete (S)PRP security proofs without any restrictions on their permutation layers. Furthermore, AutoEGFN will significantly contribute to the enhancement of EGFN designs and implementations in various cryptographic applications.