Cryptology ePrint Archive: Report 2017/260
Message-Recovery MACs and Verification-Unskippable AE
Shoichi Hirose and Yu Sasaki and Kan Yasuda
Abstract: This paper explores a new type of MACs called message-recovery MACs (MRMACs). MRMACs have an additional input $R$ that gets recovered upon verification.
Receivers must execute verification in order to recover $R$, making the verification process unskippable. Such a feature helps avoid mis-implementing verification algorithms.
The syntax and security notions of MRMACs are rigorously formulated. In particular, we formalize the notion of unskippability and present a construction of an unskippable MRMAC from a tweakable cipher and a universal hash function.
Our construction is provided with formal security proofs.
We extend the idea of MRMACs to a new type of authenticated encryption called verification-unskippable AE (VUAE).
We propose a generic Enc-then-MRMAC composition which realizes VUAE. The encryption part needs to satisfy a new security notion called one-time undecipherability. We provide three constructions that are one-time undecipherable, and they are proven secure under various security models.
Category / Keywords: secret-key cryptography / message recovery MACs, authenticated encryption, unskippability, one-time undecipherability, CTR mode, Even-Mansour, FX
Date: received 21 Mar 2017
Contact author: hrs_shch at u-fukui ac jp
Available format(s): PDF | BibTeX Citation
Version: 20170325:200649 (All versions of this report)
Short URL: ia.cr/2017/260
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]