EliMAC: Speeding Up LightMAC by around 20%


  • Christoph Dobraunig Lamarr Security Research, Graz, Austria
  • Bart Mennink Digital Security Group, Radboud University, Nijmegen, The Netherlands
  • Samuel Neves CISUC, Department of Informatics Engineering, University of Coimbra, Coimbra, Portugal




universal hashing, MAC, EliHash, EliMAC, length independence


Universal hash functions play a prominent role in the design of message authentication codes and the like. Whereas it is known how to build highly efficient sequential universal hash functions, parallel non-algebraic universal hash function designs are always built on top of a PRP. In such case, one employs a relatively strong primitive to obtain a function with a relatively weak security model. In this work, we present EliHash, a construction of a parallel universal hash function from non-compressing universal hash functions, and we back it up with supporting security analysis. We use this construction to design EliMAC, a message authentication code similar to LightMAC. We consider a heuristic instantiation of EliMAC with roundreduced AES, and argue that this instantiation of EliMAC is much more efficient than LightMAC, it is around 21% faster, and additionally allows for precomputation of the keys, albeit with a stronger assumption on the AES primitive than in LightMAC. These observations are backed up with an implementation of our scheme.




How to Cite

Dobraunig, C., Mennink, B., & Neves, S. (2023). EliMAC: Speeding Up LightMAC by around 20%. IACR Transactions on Symmetric Cryptology, 2023(2), 69–93. https://doi.org/10.46586/tosc.v2023.i2.69-93