New Constructions of MACs from (Tweakable) Block Ciphers

Authors

  • Benoît Cogliati University of Luxembourg, Luxembourg, Luxembourg
  • Jooyoung Lee Korea Advanced Institute of Science and Technology (KAIST), Daejeon, Korea
  • Yannick Seurin Agence nationale de la sécurité des systèmes d'information (ANSSI), Paris, France

DOI:

https://doi.org/10.13154/tosc.v2017.i2.27-58

Keywords:

MAC, tweakable block cipher, nonce-misuse resistance, graceful security degradation

Abstract

We propose new constructions of Message Authentication Codes (MACs) from tweakable or conventional block ciphers. Our new schemes are either stateless and deterministic, nonce-based, or randomized, and provably secure either in the standard model for tweakable block cipher-based ones, or in the ideal cipher model for block cipher-based ones. All our constructions are very efficient, requiring only one call to the underlying (tweakable) block cipher in addition to universally hashing the message. Moreover, the security bounds we obtain are quite strong: they are beyond the birthday bound, and nonce-based/randomized variants provide graceful security degradation in case of misuse, i.e., the security bound degrades linearly with the maximal number of repetitions of nonces/random values.

Published

2017-06-19

Issue

Section

Articles

How to Cite

New Constructions of MACs from (Tweakable) Block Ciphers. (2017). IACR Transactions on Symmetric Cryptology, 2017(2), 27-58. https://doi.org/10.13154/tosc.v2017.i2.27-58