Single Key Variant of PMAC_Plus

Authors

  • Nilanjan Datta Indian Institute of Technology, Kharagpur, India
  • Avijit Dutta Indian Statistical Institute, Kolkata, India
  • Mridul Nandi Indian Statistical Institute, Kolkata, India
  • Goutam Paul Indian Statistical Institute, Kolkata, India
  • Liting Zhang Westone Cryptologic Research Center, Beijing, China

DOI:

https://doi.org/10.13154/tosc.v2017.i4.268-305

Keywords:

PMAC, PMAC_Plus, Beyond Birthday, Cover-free, PRF, Sum of PRPs

Abstract

At CRYPTO 2011, Yasuda proposed the PMAC_Plus message authentication code based on an n-bit block cipher. Its design principle inherits the well known PMAC parallel network with a low additional cost. PMAC_Plus is a rate-1 construction like PMAC (i.e., one block cipher call per n-bit message block) but provides security against all adversaries (under black-box model) making queries altogether consisting of roughly upto 22n/3 blocks (strings of n-bits). Even though PMAC_Plus gives higher security than the standard birthday bound security, with currently available best bound, it provides weaker security than PMAC for certain choices of adversaries. Moreover, unlike PMAC, PMAC_Plus operates with three independent block cipher keys. In this paper, we propose 1k-PMAC_Plus, the first rate-1 single keyed block cipher based BBB (Beyond Birthday Bound) secure (in standard model) deterministic MAC construction without arbitrary field multiplications. 1k-PMAC_Plus, as the name implies, is a simple one-key variant of PMAC_Plus. In addition to the key reduction, we obtain a higher security guarantee than what was proved originally for PMAC_Plus, thus an improvement in two directions.

Published

2017-12-15

Issue

Section

Articles

How to Cite

Single Key Variant of PMAC_Plus. (2017). IACR Transactions on Symmetric Cryptology, 2017(4), 268-305. https://doi.org/10.13154/tosc.v2017.i4.268-305