Paper 2015/811

Key-recovery attacks against the MAC algorithm Chaskey

Chrysanthi Mavromati

Abstract

Chaskey is a Message Authentication Code (MAC) for 32-bit microcontrollers proposed by Mouha et. al at SAC 2014. Its underlying blockcipher uses an Even-Mansour construction with a permutation based on the ARX methodology. In this paper, we present key-recovery attacks against Chaskey in the single and multi-user setting. These attacks are based on recent work by Fouque, Joux and Mavromati presented at Asiacrypt 2014 on Even-Mansour based constructions. We first show a simple attack on the classical single-user setting which confirms the security properties of Chaskey. Then, we describe an attack in the multi-user setting and we recover all keys of 2^{43} users by doing 2^{43} queries per user. Finally, we show a variant of this attack where we are able to recover keys of two users in a smaller group of 2^{32} users.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. SAC 2015
Keywords
Message Authentication CodeCollision-based cryptanalysisARXEven-MansourChaskeyMulti-user setting
Contact author(s)
chrys mavromati @ gmail com
History
2015-08-14: received
Short URL
https://ia.cr/2015/811
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/811,
      author = {Chrysanthi Mavromati},
      title = {Key-recovery attacks against the MAC algorithm Chaskey},
      howpublished = {Cryptology ePrint Archive, Paper 2015/811},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/811}},
      url = {https://eprint.iacr.org/2015/811}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.