Cryptology ePrint Archive: Report 2021/1283

Parallel Verification of Serial MAC and AE Modes

Kazuhiko Minematsu and Akiko Inoue and Katsuya Moriwaki and Maki Shigeri and Hiroyasu Kubo

Abstract: A large number of the symmetric-key mode of operations, such as classical CBC-MAC, have serial structures. While a serial mode gives an implementation advantage in terms of required memory or footprint compared to the parallel counterparts, it wastes the capability of parallel process even when it is available. The problem is becoming more relevant as lightweight cryptography is going to be deployed in the real world. In this article, we propose an alternative implementation strategy for serial MAC modes and serial authenticated encryption (AE) modes that allows 2-block parallel operation for verification/decryption. Our proposal maintains the original functionality and security. It is simple yet novel, and generally applicable to a wide range of existing modes including two NIST recommendations, CMAC and CCM. We demonstrate the effectiveness of our proposal by showing several case studies with software implementations.

Category / Keywords: secret-key cryptography / Mode of Operation and MAC and Authenticated Encryption and Parallel verification and CMAC and CCM and Romulus

Original Publication (with minor differences): Selected Areas in Cryptography 2021

Date: received 23 Sep 2021

Contact author: k-minematsu at nec com, a_inoue at nec com

Available format(s): PDF | BibTeX Citation

Version: 20210924:175416 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]