Single Key Variant of PMAC_Plus

At CRYPTO 2011, Yasuda proposed the PMAC_Plus message authentication code based on an n-bit block cipher. Its design inherits the well-known parallel structure of PMAC at a low additional cost. PMAC_Plus is a rate-1 construction like PMAC (i.e., one block cipher call per n-bit message block) but provides security against all adversaries (under the black-box model) making queries that altogether consist of roughly up to $2^{2n/3}$ blocks (strings of n bits). Even though PMAC_Plus gives higher security than the standard birthday bound, with the best currently available bound it provides weaker security than PMAC for certain choices of adversaries. Moreover, unlike PMAC, PMAC_Plus operates with three independent block cipher keys. In this paper, we propose 1k-PMAC_Plus, the first rate-1, single-keyed, block-cipher-based, BBB (Beyond Birthday Bound) secure (in the standard model) deterministic MAC construction without arbitrary field multiplications. 1k-PMAC_Plus, as the name implies, is a simple one-key variant of PMAC_Plus. In addition to the key reduction, we obtain a higher security guarantee than what was originally proved for PMAC_Plus, an improvement in two directions.
