Paper 2007/031

Improved Security Analysis of PMAC

Mridul Nandi and Avradip Mandal

Abstract

In this paper we provide a simple, concrete and improved security analysis of {\bf PMAC}, a Parallelizable Message Authentication Code. We show that the advantage of any distinguisher for {\bf PMAC} based on a random permutation is at most $\mathbf{\frac{5q\sigma - 3.5 q^2}{2^n}}$, where $\sigma$ is the total number of message blocks in all $q$ queries made by the distinguisher. In the original paper by Black and Rogaway in Eurocrypt-2002, the bound was $\frac{(\sigma+1)^2}{2^{n-1}}$. Very recently, Minematsu and Matsushima in FSE-2007, have provided a bound $\frac{10\ell q^2}{2^n}$ where $\ell$ is the maximum block length of all messages queried by the distinguisher. Our new bound is better than both original and recently proposed bound and guarantees much more security of PMAC. We also have provided a complete, independent and simple combinatorial proof. This proof idea may help us to find a similar result for other MAC algorithms.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
Message Authentication Codes
Contact author(s)
mridul nandi @ gmail com
History
2007-05-01: last of 2 revisions
2007-02-14: received
See all versions
Short URL
https://ia.cr/2007/031
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2007/031,
      author = {Mridul Nandi and Avradip Mandal},
      title = {Improved Security Analysis of PMAC},
      howpublished = {Cryptology ePrint Archive, Paper 2007/031},
      year = {2007},
      note = {\url{https://eprint.iacr.org/2007/031}},
      url = {https://eprint.iacr.org/2007/031}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.