Cryptology ePrint Archive: Report 2015/1182

Chaskey: a MAC Algorithm for Microcontrollers -- Status Update and Proposal of Chaskey-12 --

Nicky Mouha

Abstract: The Chaskey MAC algorithm was presented by Mouha et al. at SAC 2014. It is designed for real-world applications where 128-bit keys are required, but standard cryptographic algorithms cannot be implemented because of stringent requirements on speed, energy consumption, or code size. Shortly after its publication, Chaskey was considered for standardization by ISO/IEC JTC 1/SC 27/WG 2. At the October 2015 meeting, the ISO/IEC committee decided to terminate the study period on Chaskey, and to circulate a first working draft. Since Chaskey was introduced, many follow-up results were published, including improved cryptanalysis results, new security proofs and more efficient implementations. This paper gives a comprehensive overview of those results, and introduces a twelve-round variant of Chaskey: Chaskey-12. Although the original eight-round Chaskey remains unbroken, Chaskey-12 has a much more conservative design, while reducing the performance by only 15% to 30%, depending on the platform.

Category / Keywords: secret-key cryptography / Chaskey-12, Message Authentication Code, Microcontroller, Permutation-Based, ARX

Date: received 10 Dec 2015, last revised 10 Dec 2015

Contact author: Nicky Mouha at esat kuleuven be

Available format(s): PDF | BibTeX Citation

Version: 20151213:041245 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]