Sonikku: Gotta Speed, Keed! A Family of Fast and Secure MACs

Amit Singh Bhati; Elena Andreeva; Simon Müller; Damian Vizar

Paper 2024/1980

Sonikku: Gotta Speed, Keed! A Family of Fast and Secure MACs

Amit Singh Bhati

, COSIC, KU Leuven, 3MI Labs, Belgium

Elena Andreeva

, TU Wien

Simon Müller, TU Wien

Damian Vizar, CSEM

Abstract

Message authentication codes (MACs) are fundamental symmetric key cryptographic functions used to generate a short, secret-key-dependent tag for a given message. This tag ensures both message authenticity and integrity, as computing a valid tag without the secret key is computationally infeasible, thereby revealing any unauthorized modification. Existing MACs often rely on block ciphers (BCs) and tweakable block ciphers (TBCs). The design of these MACs involves various trade-offs regarding properties such as data processing rate, the number of secret keys, achievable security definitions and concrete margins, the necessity for pre- or post-processing, parallelization capabilities, internal state size, and performance optimization for diverse message lengths. This work introduces , a new family of MACs based on expanding primitives, comprising three distinct instances: , , and . The MACs offer a compelling combination of advantages: 1) superior speed compared to state-of-the-art TBC-based MACs; 2) security beyond the birthday bound related to the input block size; 3) a smaller internal state than comparable contemporary MACs; and 4) design flexibility considering diverse trade-offs, including pre/post-processing-free operation, parallel processing, a small resource footprint, and suitability for both short and long messages. These characteristics make them highly attractive for widespread applications, including resource-constrained environments like IoT and embedded devices. Performance evaluations on a Cortex-M4 32-bit microcontroller demonstrate that instantiated with achieves a significant speed-up of at least 2.11x (and up to 4.36x) compared to the state-of-the-art ZMAC instantiated with for 128-bit block sizes and messages up to 95 bytes. Similarly, and instantiated with exhibit speed improvements of at least 1.93x for short messages (up to 95 bytes) and 1.48x for larger messages (up to 64KB), respectively, when benchmarked against ZMAC instantiated with for both 64- and 128-bit block sizes. Building upon the approach of ZMAC and PMAC2x, we further illustrate the potential of the family by employing to construct SonicAE, a highly efficient, beyond-birthday secure, stateless, and deterministic authenticated encryption scheme.

Note: - Intro and motivation sections are polished. - XRTK security notion section quality is improved. - General text improvements.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Published elsewhere. Minor revision. ArcticCrypt 2025
Keywords: Authentication MAC forkcipher lightweight provable security related-tweakey parallel sequential short queries
Contact author(s): amitsingh bhati @ 3milabs tech
elena andreeva @ tuwien ac at
simon mueller @ tuwien ac at
damian vizar @ csem ch
History: 2025-05-20: revised; 2024-12-06: received; See all versions
Short URL: https://ia.cr/2024/1980
License: CC BY

BibTeX

@misc{cryptoeprint:2024/1980,
      author = {Amit Singh Bhati and Elena Andreeva and Simon Müller and Damian Vizar},
      title = {Sonikku: Gotta Speed, Keed! A Family of Fast and Secure {MACs}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1980},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1980}
}