Cryptology ePrint Archive: Report 2017/848

Single Key Variant of PMAC_Plus

Nilanjan Datta and Avijit Dutta and Mridul Nandi and Goutam Paul and Liting Zhang

Abstract: In CRYPTO 2011, Yasuda proposed the PMAC_Plus message authentication code based on an $n$-bit block cipher. Its design principle inherits the well-known PMAC parallel network with a low additional cost. PMAC_Plus is a rate-$1$ construction like PMAC (i.e., one block cipher call per $n$-bit message block) but provides security against all adversaries making queries altogether consisting of roughly up to $2^{2n/3}$ blocks (strings of $n$ bits). Even though PMAC_Plus gives higher security than the standard birthday bound security, with the currently available best bound, it provides weaker security than PMAC for certain choices of adversaries. Moreover, unlike PMAC, PMAC_Plus operates with three independent block cipher keys. In this paper, we propose 1k-PMAC_Plus, the first rate-$1$ single-keyed block-cipher-based BBB (Beyond Birthday Bound) secure (in the standard model) deterministic MAC construction without arbitrary field multiplications. Our construction is a simple one-key variant of PMAC_Plus. Moreover, we show a higher security guarantee than what was proved originally for PMAC_Plus. Our proven bound shows that PMAC_Plus and 1k-PMAC_Plus always provide a higher security guarantee than what was promised by PMAC against all types of adversaries.

Category / Keywords: PMAC, PMAC_Plus, Beyond Birthday, Cover-free, PRF, Sum of PRPs.

Date: received 1 Sep 2017, last revised 6 Sep 2017

Contact author: avirocks dutta13 at gmail com

Note: In this paper we have corrected the flaw in the security proof of 1k_PMAC+ as reported in Report 2015/958.

Version: 20170908:123459

Short URL: ia.cr/2017/848
