The Mundja Streaming MAC

Mundja is a MAC generation algorithm that has been designed for use together with a stream cipher. Mundja accumulates the message onto two independent registers: the first is a Cyclic Redundancy Checksum (CRC) that uses linear feedback; the second is a strengthened version of the SHA-256 register [5] that uses nonlinear feedback. Mundja is fast (asymptotically about 4 times the speed of HMAC-SHA-256), and can generate MACs of any desired length. Mundja is designed to be secure at the equivalent level of 128-bit keys. When used in cooperation with a correspondingly secure stream cipher, it is hoped to remain secure even at the equivalent level of 256-bit keys. Appendices give details of the use of Mundja with the SOBER-128 [10], Turing [9] and RC4 stream ciphers.

[1]  Helena Handschuh,et al.  Security Analysis of SHA-256 and Sisters , 2003, Selected Areas in Cryptography.

[2]  Hideki Imai,et al.  Cryptanalysis of TOYOCRYPT-HS1 Stream Cipher , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[3]  Antoine Joux,et al.  Collisions in SHA-0 , 2004, CRYPTO 2004.

[4]  Philip Hawkes,et al.  On Corrective Patterns for the SHA-2 Family , 2004, IACR Cryptol. ePrint Arch..

[5]  尚弘 島影 National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .

[6]  Scott R. Fluhrer,et al.  Statistical Analysis of the Alleged RC4 Keystream Generator , 2000, FSE.

[7]  Antoine Joux,et al.  A Chosen IV Attack Against Turing , 2003, Selected Areas in Cryptography.

[8]  Philip Hawkes,et al.  Turing: A Fast Stream Cipher , 2002, FSE.

[9]  Subhamoy Maitra,et al.  Multiples of Primitive Polynomials over GF(2) , 2001, INDOCRYPT.

[10]  Thomas Johansson,et al.  SNOW - A new stream cipher , 2000 .

[11]  Dengguo Feng,et al.  Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD , 2004, IACR Cryptol. ePrint Arch..

[12]  Philip Hawkes,et al.  Primitive Specification for SOBER-128 , 2003, IACR Cryptol. ePrint Arch..

[13]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[14]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .