### A Note on the Security Framework of Two-key DbHtS MACs

Tingting Guo and Peng Wang

##### Abstract

Double-block Hash-then-Sum (DbHtS) MACs are a class of MACs achieve beyond-birthday-bound (BBB) security, including SUM-ECBC, PMAC_Plus, 3kf9 and LightMAC_Plus etc. Recently, Shen et al. (Crypto 2021) proposed a security framework for two-key DbHtS MACs in the multi-user setting, stating that when the underlying blockcipher is ideal and the universal hash function is regular and almost universal, the two-key DbHtS MACs achieve 2n/3-bit security. Unfortunately, the regular and universal properties can not guarantee the BBB security of two-key DbHtS MACs. We propose three counter-examples which are proved to be 2n/3-bit secure in the multi-user setting by the framework, but can be broken with probability 1 using only O(2^{n/2}) queries even in the single-user setting. We also point out the miscalculation in their proof leading to such a flaw. However, we haven’t found attacks against 2k-SUM-ECBC, 2k-PMAC_Plus and 2k-LightMAC_Plus proved 2n/3-bit security in their paper.

Available format(s)
Category
Secret-key cryptography
Publication info
Preprint. Minor revision.
Keywords
MACDbHtSBeyond-birthday-bound securityMulti-user security
Contact author(s)
guotingting @ iie ac cn
w rocking @ gmail com
History
2022-04-17: last of 8 revisions
See all versions
Short URL
https://ia.cr/2022/375

CC BY

BibTeX

@misc{cryptoeprint:2022/375,
author = {Tingting Guo and Peng Wang},
title = {A Note on the Security Framework of Two-key DbHtS MACs},
howpublished = {Cryptology ePrint Archive, Paper 2022/375},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/375}},
url = {https://eprint.iacr.org/2022/375}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.