Fine-tuning the ISO/IEC Standard LightMAC

Soumya Chattopadhyay, Ashwin Jha, and Mridul Nandi

Abstract

LightMAC, by Luykx et al., is a block cipher based message authentication code (MAC). The simplicity of design and low overhead allows it to have very compact implementations. As a result, it has been recently chosen as an ISO/IEC standard MAC for lightweight applications. LightMAC has been shown to achieve query length independent security bound of $O(q^2/2^n)$ when instantiated with two independently keyed $n$-bit block ciphers, where $q$ denotes the number of MAC queries and the query-length is upper bounded by $(n-s)2^s$ bits for a fixed counter size $s$. In this paper, we aim to minimize the number of block cipher keys in LightMAC. First, we show that the original LightMAC instantiated with a single block cipher key, referred as 1k-LightMAC, achieves security bound of $O(q^2/2^n)$ while the query-length is at least $(n-s)$ bits and at most $(n-s)\min\{2^{n/4},2^s\}$ bits. Second, we show that a minor variant of 1k-LightMAC, dubbed as LightMAC-ds, achieves security bound of $O(q^2/2^n)$ while query-length is upper bounded by $(n-s)2^{s-1}$ bits. Of independent interest, our security proof of 1k-LightMAC employs a novel sampling approach, called the reset-sampling, as a subroutine within the H-coefficient proof setup.

Note: Two missing sub-cases included in the analysis.

Available format(s)
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in ASIACRYPT 2021
Keywords
LightMACMACPRFsingle-keylightweightISOIEC standard
Contact author(s)
s c 2357 @ gmail com
ashwin jha1991 @ gmail com
mridul nandi @ gmail com
History
2021-10-07: last of 2 revisions
See all versions
Short URL
https://ia.cr/2021/1166

CC BY

BibTeX

@misc{cryptoeprint:2021/1166,
author = {Soumya Chattopadhyay and Ashwin Jha and Mridul Nandi},
title = {Fine-tuning the ISO/IEC Standard LightMAC},
howpublished = {Cryptology ePrint Archive, Paper 2021/1166},
year = {2021},
note = {\url{https://eprint.iacr.org/2021/1166}},
url = {https://eprint.iacr.org/2021/1166}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.