A New Variant of PMAC: Beyond the Birthday Bound
نویسنده
چکیده
We propose a PMAC-type mode of operation that can be used as a highly secure MAC (Message Authentication Code) or PRF (Pseudo-Random Function). Our scheme is based on the assumption that the underlying n-bit blockcipher is a pseudo-random permutation. Our construction, which we call PMAC Plus, involves extensive modification to PMAC, requiring three blockcipher keys. The PMAC Plus algorithm is a first rate-1 (i.e., one blockcipher call per n-bit message block) blockcipher-based MAC secure against O ( 2 ) queries, increasing the O ( 2 ) security of PMAC at a low additional cost. Our analysis uses some of the security-proof techniques developed with the sum construction (Eurocrypt 2000) and with the encrypted-CBC sum construction (CT-RSA 2010).
منابع مشابه
Single Key Variant of PMAC_Plus
In CRYPTO 2011, Yasuda proposed PMAC_Plus message authentication code based on an n-bit block cipher. Its design principle inherits the well known PMAC parallel network with a low additional cost. PMAC_Plus is a rate-1 construction like PMAC (i.e., one block cipher call per n-bit message block) but provides security against all adversaries making queries altogether consisting of roughly upto 22...
متن کاملBlockcipher-based MACs: Beyond the Birthday Bound without Message Length
We present blockcipher-based MACs (Message Authentication Codes) that have beyond the birthday bound security without message length in the sense of PRF (Pseudo-Random Function) security. Achieving such security is important in constructing MACs using blockciphers with short block sizes (e.g., 64 bit). Luykx et al. (FSE 2016) proposed LightMAC, the first blockcipher-based MAC with such security...
متن کاملZMAC: A Fast Tweakable Block Cipher Mode for Highly Secure Message Authentication
We propose a new mode of operation called ZMAC allowing to construct a (stateless and deterministic) message authentication code (MAC) from a tweakable block cipher (TBC). When using a TBC with n-bit blocks and t-bit tweaks, our construction provides security (as a variable-input-length PRF) beyond the birthday bound with respect to the block-length n and allows to process n + t bits of inputs ...
متن کاملOne-key Double-Sum MAC with Beyond-Birthday Security
MACs (Message Authentication Codes) are widely adopted in communication systems to ensure data integrity and data origin authentication, e.g. CBC-MACs in the ISO standard 9797-1. However, all the current designs either suffer from birthday attacks or require long key sizes. In this paper, we focus on designing beyond-birthday-bound MAC modes with a single key, and investigate their design princ...
متن کاملBuilding Single-Key Beyond Birthday Bound Message Authentication Code
MACs (Message Authentication Codes) are widely adopted in communication systems to ensure data integrity and data origin authentication, e.g. CBC-MACs in the ISO standard 9797-1. However, all the current designs based on block cipher either suffer from birthday attacks or require long key sizes. In this paper, we focus on designing single keyed block cipher based MAC achieving beyond-birthday-b...
متن کامل