Provably Secure MACs from Differentially-Uniform Permutations and AES-Based Implementations

  • Kazuhiko Minematsu
  • Yukiyasu Tsunoo
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4047)

Abstract

We propose message authentication codes (MACs) that combine a block cipher and an additional (keyed or unkeyed) permutation. Our MACs are provably secure if the block cipher is pseudorandom and the additional permutation has a small differential probability. We also demonstrate that our MACs are easily implemented with AES and its 4-round version to obtain MACs that are provably secure and 1.4 to 2.5 times faster than previous MAC modes of AES such as CBC-MAC-AES.
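The security condition the abstract places on the additional permutation is a bound on its differential probability. As an added illustration (not code from the paper), the following computes that quantity by exhaustive difference-distribution counting; it is run on the 8-bit AES S-box, reconstructed from its standard definition, because the paper's 128-bit 4-round AES permutation is far too large for exhaustive counting and its bound comes from the cited analyses instead.

```python
# Added example, not from the paper: max differential probability of a permutation.
from collections import Counter
from fractions import Fraction

def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) with the AES reduction polynomial x^8+x^4+x^3+x+1 (0x11b)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11b
        b >>= 1
    return r

def gf_inv(a: int) -> int:
    """Multiplicative inverse in GF(2^8) via a^254; AES maps 0 to 0."""
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result if a else 0

def aes_sbox() -> list[int]:
    """AES S-box: field inverse followed by the affine map s = b ^ rotl(b,1..4) ^ 0x63."""
    box = []
    for x in range(256):
        b = gf_inv(x)
        s = b
        for k in range(1, 5):
            s ^= ((b << k) | (b >> (8 - k))) & 0xFF
        box.append(s ^ 0x63)
    return box

def max_differential_probability(perm: list[int]) -> Fraction:
    """max over a != 0 and any b of Pr_x[perm(x) ^ perm(x ^ a) == b].

    A small value is exactly what the abstract requires of the extra permutation;
    the identity permutation scores 1 (every input difference maps to itself)."""
    n = len(perm)
    best = 0
    for a in range(1, n):
        counts = Counter(perm[x] ^ perm[x ^ a] for x in range(n))
        best = max(best, max(counts.values()))
    return Fraction(best, n)
```

For the AES S-box the result is 4/256, i.e. the S-box is differentially 4-uniform in Nyberg's sense.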

Keywords

MAC, block cipher, AES, differentially-uniform permutation


Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Kazuhiko Minematsu, NEC Corporation, Kawasaki, Japan
  • Yukiyasu Tsunoo, NEC Corporation, Kawasaki, Japan
