## Cryptology ePrint Archive: Report 2013/792

Improved Authenticity Bound of EAX, and Refinements

Kazuhiko Minematsu and Stefan Lucks and Tetsu Iwata

Abstract: EAX is a mode of operation for blockciphers to implement an authenticated encryption. The original paper of EAX proved that EAX is unforgeable up to $O(2^{n/2})$ data with one verification query. However, this generally guarantees a rather weak bound for the unforgeability under multiple verification queries, i.e., only $(2^{n/3})$ data is acceptable.

This paper provides an improvement over the previous security proof, by showing that EAX is unforgeable up to $O(2^{n/2})$ data with multiple verification queries. Our security proof is based on the techniques appeared in a paper of FSE 2013 by Minematsu et al. which studied the security of a variant of EAX called EAX-prime. We also provide some ideas to reduce the complexity of EAX while keeping our new security bound. In particular, EAX needs three blockcipher calls and keep them in memory as a pre-processing, and our proposals can effectively reduce three calls to one call. This would be useful when computational power and memory are constrained.

Category / Keywords: secret-key cryptography / Authenticated encryption, EAX, security bound

Original Publication (with major differences): Provable Security (ProvSec) 2013
DOI:
10.1007/978-3-642-41227-1