Paper 2024/731

Toward Full n-bit Security and Nonce Misuse Resistance of Block Cipher-based MACs

Wonseok Choi, Purdue University, West Lafayette, IN, USA
Jooyoung Lee, KAIST, Daejeon, Korea
Yeongmin Lee, DESILO Inc., Seoul, Korea
Abstract

In this paper, we study the security of MAC constructions among those classified by Chen et al. in ASIACRYPT '21. Precisely, FB2EDM (or EWCDM as named by Cogliati and Seurin in CRYPTO '16), FB3EDM, FB2SoP, FB3SoP (all as named by Chen et al.) are proved to be fully secure up to 2n MAC queries in the nonce-respecting setting, improving the previous bound of -bit security. In particular, and enjoy graceful degradation as the number of queries with repeated nonces grows (when the underlying universal hash function satisfies a certain property called multi-xor-collision resistance). To do this, we develop a new tool, namely extended Mirror theory based on two independent permutations to a wide range of including inequalities. We also present matching attacks on and using MAC queries and verification query without using repeated nonces.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in ASIACRYPT 2024
Keywords
message authentication codebeyond birthday bound securityMirror theory
Contact author(s)
wonseok @ purdue edu
hicalf @ kaist ac kr
yeongmin lee @ desilo ai
History
2024-09-09: revised
2024-05-13: received
See all versions
Short URL
https://ia.cr/2024/731
License
No rights reserved
CC0

BibTeX 

@misc{cryptoeprint:2024/731,
      author = {Wonseok Choi and Jooyoung Lee and Yeongmin Lee},
      title = {Toward Full $n$-bit Security and Nonce Misuse Resistance of Block Cipher-based {MACs}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/731},
      year = {2024},
      url = {https://eprint.iacr.org/2024/731}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.