CBC MACs for Arbitrary-Length Messages: The Three-Key Constructions. CRYPTO '00, Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology.
The Security of Cipher Block Chaining. CRYPTO '94, Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology.
MDx-MAC and Building Fast MACs from Hash Functions. CRYPTO '95, Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology.
XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions. CRYPTO '95, Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology.
A Block-Cipher Mode of Operation for Parallelizable Message Authentication. EUROCRYPT '02, Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology.
Fast and Secure CBC-Type MAC Algorithms. Fast Software Encryption.
CT-RSA '03, Proceedings of the 2003 RSA Conference on The Cryptographers' Track.
Multilane HMAC: Security Beyond the Birthday Limit. INDOCRYPT '07, Proceedings of the 8th International Conference on Progress in Cryptology.
Pseudo-random Functions and Parallelizable Modes of Operations of a Block Cipher. IEEE Transactions on Information Theory.
A Unified Method for Improving PRF Bounds for a Class of Blockcipher Based MACs. FSE '10, Proceedings of the 17th International Conference on Fast Software Encryption.
A New Variant of PMAC: Beyond the Birthday Bound. CRYPTO '11, Proceedings of the 31st Annual Conference on Advances in Cryptology.
Improved Security Analyses for CBC MACs. CRYPTO '05, Proceedings of the 25th Annual International Conference on Advances in Cryptology.
The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs. EUROCRYPT '06, Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques.
The Sum of CBC MACs Is a Secure PRF. CT-RSA '10, Proceedings of the 2010 International Conference on Topics in Cryptology.
Improving the Security of MACs via Randomized Message Preprocessing. FSE '07, Proceedings of the 14th International Conference on Fast Software Encryption.
New Bounds for PMAC, TMAC, and XCBC. FSE '07, Proceedings of the 14th International Conference on Fast Software Encryption.
We present a new variant of PMAC (Parallelizable Message Authentication Code). The new mode calls an $n$-bit block cipher using four different block-cipher keys but attains a security bound of a novel form $O(q^2/2^n + \ell\sigma q/2^{2n})$. Here, $q$ denotes the total number of queries, $\ell$ the maximum length of each query (in blocks), and $\sigma$ the total query complexity (in blocks). Our bound improves over the previous PMAC security bound $O(\ell q^2/2^n)$ from FSE 2007 and over $O(\sigma q/2^n)$ from FSE 2010. Moreover, when $\ell \geq 2^{n/6}$, our bound remains valid for larger values of $q$ than the beyond-birthday bound $O(\ell^3 q^3/2^{2n})$ does (the bound of the PMAC variant from CRYPTO 2011). In particular, our bound becomes "$\ell$-free" as $O(q^2/2^n)$ under the condition that all queries are shorter than $2^{n/2}$ blocks (i.e., $\ell \leq 2^{n/2}$). Our construction is fairly efficient; it runs at rate 2/3 (meaning 1.5 encryptions to process $n$ bits), which can be made even faster by increasing the number of keys. Thus our construction brings a substantial gain in security guarantee without much loss in efficiency, which becomes especially valuable for 64-bit block ciphers.
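As an added worked comparison (not part of the paper's abstract or its reference list), the query thresholds at which each bound stops being meaningful, using the abstract's symbols and only the trivial relation $\sigma \leq \ell q$:

$$
\begin{aligned}
\sigma \le \ell q \;\Rightarrow\; \frac{q^2}{2^n} + \frac{\ell\sigma q}{2^{2n}} \;\le\; \frac{q^2}{2^n}\Bigl(1 + \frac{\ell^2}{2^n}\Bigr) \;=\; O\!\left(\frac{q^2}{2^n}\right) \quad \text{whenever } \ell \le 2^{n/2} \text{ (the ``$\ell$-free'' case)}, \\
\text{new bound} \ll 1 \;\Longleftarrow\; q \ll \min\!\bigl(2^{n/2},\; 2^{n}/\ell\bigr), \\
\frac{\ell q^2}{2^n} \ll 1 \;\Longleftrightarrow\; q \ll 2^{n/2}/\sqrt{\ell} \quad (\text{FSE 2007; the FSE 2010 bound } \sigma q/2^n \le \ell q^2/2^n \text{ is no worse}), \\
\frac{\ell^3 q^3}{2^{2n}} \ll 1 \;\Longleftrightarrow\; q \ll 2^{2n/3}/\ell \quad (\text{CRYPTO 2011}), \\
2^{n/2} \;\ge\; 2^{2n/3}/\ell \;\Longleftrightarrow\; \ell \ge 2^{n/6} \quad (\text{for } 2^{n/6} \le \ell \le 2^{n/2}).
\end{aligned}
$$

For a 64-bit block cipher ($n = 64$) and $\ell = 2^{16}$ blocks per query, this gives $q$ up to about $2^{32}$ for the new bound, versus about $2^{24}$ for the FSE 2007 bound and about $2^{26.7}$ for the CRYPTO 2011 bound.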