## Cryptology ePrint Archive: Report 2017/831

Security Proof of JAMBU under Nonce Respecting and Nonce Misuse Cases

Geng Wang and Haiyang Zhang and Fengmei Liu

Abstract: JAMBU is an AEAD mode of operation which entered the third round of CAESAR competition. However, it does not have a security proof like other modes of operation do, and there was a cryptanalysis result that has overthrown the security claim under nonce misuse case by the designers. In this paper, we complement the shortage of the scheme by giving security proofs of JAMBU both under nonce respecting case and nonce misuse case. We prove that JAMBU under nonce respecting case has a slightly lower security than the birthday bound of $n$ bits, and JAMBU under nonce misuse case has a tight security bound of $n/2$ bits.

Category / Keywords: secret-key cryptography / JAMBU, CAESAR Competition, Provable Security, Nonce-Misuse Resistance

Date: received 30 Aug 2017, last revised 21 Mar 2018

Contact author: cnpkw at 126 com

Available format(s): PDF | BibTeX Citation

Short URL: ia.cr/2017/831

[ Cryptology ePrint archive ]