Single Key Variant of PMAC_Plus


  • Nilanjan Datta Indian Institute of Technology, Kharagpur, India
  • Avijit Dutta Indian Statistical Institute, Kolkata, India
  • Mridul Nandi Indian Statistical Institute, Kolkata, India
  • Goutam Paul Indian Statistical Institute, Kolkata, India
  • Liting Zhang Westone Cryptologic Research Center, Beijing, China



PMAC, PMAC_Plus, Beyond Birthday, Cover-free, PRF, Sum of PRPs


At CRYPTO 2011, Yasuda proposed the PMAC_Plus message authentication code based on an n-bit block cipher. Its design principle inherits the well known PMAC parallel network with a low additional cost. PMAC_Plus is a rate-1 construction like PMAC (i.e., one block cipher call per n-bit message block) but provides security against all adversaries (under black-box model) making queries altogether consisting of roughly upto 22n/3 blocks (strings of n-bits). Even though PMAC_Plus gives higher security than the standard birthday bound security, with currently available best bound, it provides weaker security than PMAC for certain choices of adversaries. Moreover, unlike PMAC, PMAC_Plus operates with three independent block cipher keys. In this paper, we propose 1k-PMAC_Plus, the first rate-1 single keyed block cipher based BBB (Beyond Birthday Bound) secure (in standard model) deterministic MAC construction without arbitrary field multiplications. 1k-PMAC_Plus, as the name implies, is a simple one-key variant of PMAC_Plus. In addition to the key reduction, we obtain a higher security guarantee than what was proved originally for PMAC_Plus, thus an improvement in two directions.



How to Cite

Datta, N., Dutta, A., Nandi, M., Paul, G., & Zhang, L. (2017). Single Key Variant of PMAC_Plus. IACR Transactions on Symmetric Cryptology, 2017(4), 268–305.