Cryptology ePrint Archive: Report 2013/792

Improved Authenticity Bound of EAX, and Refinements

Kazuhiko Minematsu and Stefan Lucks and Tetsu Iwata

Abstract: EAX is a mode of operation for blockciphers to implement an authenticated encryption. The original paper of EAX proved that EAX is unforgeable up to $O(2^{n/2})$ data with one verification query. However, this generally guarantees a rather weak bound for the unforgeability under multiple verification queries, i.e., only $(2^{n/3})$ data is acceptable.

This paper provides an improvement over the previous security proof, by showing that EAX is unforgeable up to $O(2^{n/2})$ data with multiple verification queries. Our security proof is based on the techniques appeared in a paper of FSE 2013 by Minematsu et al. which studied the security of a variant of EAX called EAX-prime. We also provide some ideas to reduce the complexity of EAX while keeping our new security bound. In particular, EAX needs three blockcipher calls and keep them in memory as a pre-processing, and our proposals can effectively reduce three calls to one call. This would be useful when computational power and memory are constrained.

Category / Keywords: secret-key cryptography / Authenticated encryption, EAX, security bound

Original Publication (with major differences): Provable Security (ProvSec) 2013
DOI: 10.1007/978-3-642-41227-1

Date: received 26 Nov 2013

Contact author: k-minematsu at ah jp nec com

Available format(s): PDF | BibTeX Citation

Note: This is a full version of a paper appeared at Provable Security 2013, 7th International Conference, ProvSec 2013, Melaka, Malaysia, October 23-25, 2013.

Version: 20131130:053143 (All versions of this report)

Short URL: ia.cr/2013/792

Discussion forum: Show discussion | Start new discussion