Paper 2024/1163

On the Number of Restricted Solutions to Constrained Systems and their Applications

Benoît Cogliati, Thales DIS France SAS, Meudon, France
Jordan Ethan, CISPA Helmholtz Center for Information Security, Saarbrücken, Germany
Ashwin Jha, Ruhr-Universität Bochum, Bochum, Germany
Mridul Nandi, Indian Statistical Institute, Kolkata, India
Abishanka Saha, Indian Statistical Institute, Kolkata, India
Abstract

In this paper, we formulate a special class of systems of linear equations over finite fields that appears naturally in the provable security analysis of several MAC and PRF modes of operation. We derive lower bounds on the number of solutions for such systems adhering to some predefined restrictions, and apply these lower bounds to derive tight PRF security for several constructions. We show security up to $2^{3n/4}$ queries for the single-keyed variant of the Double-block Hash-then-Sum (DBHtS) construction, called 1k-DBHtS, under appropriate assumptions on the underlying hash function. We show that the single-key variants of PMAC+ and LightMAC+, called 1k-PMAC+ and 1k-LightMAC+ achieve the required hash function properties, and thus, achieve $3n/4$-bit security. Additionally, we show that the sum of $r$ independent copies of the Even-Mansour cipher is a secure PRF up to $2^{\frac{r}{r+1}n}$ queries.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
PMAC+LightMAC+Sum of Even-Mansourtight security
Contact author(s)
benoit cogliati @ gmail com
jordan ethan @ cispa de
letterstoashwin @ gmail com
mridul nandi @ gmail com
sahaa 1993 @ gmail com
History
2024-08-01: revised
2024-07-18: received
See all versions
Short URL
https://ia.cr/2024/1163
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/1163,
      author = {Benoît Cogliati and Jordan Ethan and Ashwin Jha and Mridul Nandi and Abishanka Saha},
      title = {On the Number of Restricted Solutions to Constrained Systems and their Applications},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1163},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1163}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.