## On the Construction of Variable-Input-Length Ciphers

** Authors: M. Bellare and P. Rogaway**
** Abstract: ** Whereas a block cipher enciphers messages of some one
particular length (the blocklength), a {variable-input-length cipher} takes
messages of varying (and preferably arbitrary) lengths. Still, the length of
the ciphertext must equal the length of the plaintext. This paper introduces
the problem of constructing such objects, and provides a practical solution.
Our VIL mode of operation makes a variable-input-length cipher from any
block cipher. The method is demonstrably secure in the provable-security sense
of modern cryptography: we give a quantitative security analysis relating the
difficulty of breaking the constructed (variable-input-length) cipher to the
difficulty of breaking the underlying block cipher.

** Ref:** In Proceedings of 6th Workshop on Fast Software Encryption,
Lecture Notes in Computer Science Vol. 1636, Ed. L. Knudsen,
Springer-Verlag, 1999. Paper available below.

** Paper: ** Available as compressed
postscript, postscript, or
pdf. ( Help if this doesn't work).