Paper 2016/1174

Revisiting Full-PRF-Secure PMAC and Using It for Beyond-Birthday Authenticated Encryption

Eik List and Mridul Nandi

Abstract

This paper proposes an authenticated encryption scheme, called SIVx, that preserves BBB security also in the case of unlimited nonce reuses. For this purpose, we propose a single-key BBB-secure message authentication code with 2n-bit outputs, called PMAC2x, based on a tweakable block cipher. PMAC2x is motivated by PMAC_TBC1k by Naito; we revisit its security proof and point out an invalid assumption. As a remedy, we provide an alternative proof for our construction, and derive a corrected bound for PMAC_TBC1k.

Note: Replaced the ePrint reference of Minematsu and Iwata’s paper after its acceptance in ToSC with the ToSC reference

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Major revision. CT-RSA 2017
DOI
10.1007/978-3-319-52153-4_15
Keywords
message authentication codesauthenticated encryptionprovable security
Contact author(s)
eik list @ uni-weimar de
History
2017-06-21: last of 2 revisions
2016-12-28: received
See all versions
Short URL
https://ia.cr/2016/1174
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/1174,
      author = {Eik List and Mridul Nandi},
      title = {Revisiting Full-PRF-Secure PMAC and Using It for Beyond-Birthday Authenticated Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2016/1174},
      year = {2016},
      doi = {10.1007/978-3-319-52153-4_15},
      note = {\url{https://eprint.iacr.org/2016/1174}},
      url = {https://eprint.iacr.org/2016/1174}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.