@article{Minematsu_Iwata_2017, title={Cryptanalysis of PMACx, PMAC2x, and SIVx}, volume={2017}, url={https://tosc.iacr.org/index.php/ToSC/article/view/642}, DOI={10.13154/tosc.v2017.i2.162-176}, abstractNote={At CT-RSA 2017, List and Nandi proposed two variable input length pseudorandom functions (VI-PRFs) called PMACx and PMAC2x, and a deterministic authenticated encryption scheme called SIVx. These schemes use a tweakable block cipher (TBC) as the underlying primitive, and are provably secure up to the query complexity of 2<sup><em>n</em></sup>, where <em>n</em> denotes the block length of the TBC. In this paper, we falsify the provable security claims by presenting concrete attacks. We show that with the query complexity of <em>O</em>(2<sup><em>n</em>/2</sup>), i.e., with the birthday complexity, PMACx, PMAC2x, and SIVx are all insecure.}, number={2}, journal={IACR Transactions on Symmetric Cryptology}, author={Minematsu, Kazuhiko and Iwata, Tetsu}, year={2017}, month={Jun.}, pages={162–176} }