Cryptology ePrint Archive: Report 2014/386

Chaskey: An Efficient MAC Algorithm for 32-bit Microcontrollers

Nicky Mouha and Bart Mennink and Anthony Van Herrewege and Dai Watanabe and Bart Preneel and Ingrid Verbauwhede

Abstract: We propose Chaskey: a very efficient Message Authentication Code (MAC) algorithm for 32-bit microcontrollers. It is intended for applications that require 128-bit security, yet cannot implement standard MAC algorithms because of stringent requirements on speed, energy consumption, or code size. Chaskey is a permutation-based MAC algorithm that uses the Addition-Rotation-XOR (ARX) design methodology. We formally prove that Chaskey is secure in the standard model, based on the security of an underlying Even-Mansour block cipher. Chaskey is designed to perform well on a wide range of 32-bit microcontrollers. Our benchmarks show that on the ARM Cortex-M3/M4, our Chaskey implementation reaches a speed of 7.0 cycles/byte, compared to 89.4 cycles/byte for AES-128-CMAC. For the ARM Cortex-M0, our benchmark results give 16.9 cycles/byte and 136.5 cycles/byte for Chaskey and AES-128-CMAC respectively.

Category / Keywords: secret-key cryptography / Microcontroller, Message Authentication Code, Standard Model Security, Permutation-Based, ARX

Original Publication (with major differences): SAC 2014

Date: received 28 May 2014, last revised 20 Mar 2015

Contact author: Nicky Mouha at esat kuleuven be

Available format(s): PDF | BibTeX Citation

Version: 20150320:150008 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]