Improved Authenticity Bound of EAX, and Refinements

  • Kazuhiko Minematsu
  • Stefan Lucks
  • Tetsu Iwata
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8209)


EAX is a mode of operation for blockciphers to implement an authenticated encryption. The original paper of EAX proved that EAX is unforgeable up to O(2n/2) data with one verification query. However, this generally guarantees a rather weak bound for the unforgeability under multiple verification queries, i.e., only (2n/3) data is acceptable.

This paper provides an improvement over the previous security proof, by showing that EAX is unforgeable up to O(2n/2) data with multiple verification queries. Our security proof is based on the techniques appeared in a paper of FSE 2013 by Minematsu et al. which studied the security of a variant of EAX called EAX-prime. We also provide some ideas to reduce the complexity of EAX while keeping our new security bound. In particular, EAX needs three blockcipher calls and keep them in memory as a pre-processing, and our proposals can effectively reduce three calls to one call. This would be useful when computational power and memory are constrained.


Authenticated encryption EAX security bound 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Information technology - Security techniques - Authenticated encryption. ISO/IEC 19772:2009 (2009)Google Scholar
  3. 3.
    Bellare, M., Goldreich, O., Mityagin, A.: The Power of Verification Queries in Message Authentication and Authenticated Encryption. Cryptology ePrint Archive, Report 2004/309 (2004),
  4. 4.
    Bellare, M., Rogaway, P., Wagner, D.: The EAX Mode of Operation (A Two-Pass Authenticated-Encryption Scheme Optimized for Simplicity and Efficiency),
  5. 5.
    Bellare, M., Rogaway, P., Wagner, D.: The EAX Mode of Operation. In: Roy, Meier (eds.) [17], pp. 389–407Google Scholar
  6. 6.
    Black, J.A., Rogaway, P.: CBC MACs for Arbitrary-Length Messages: The Three-Key Constructions. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 197–215. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Chakraborty, D., Sarkar, P.: A general construction of tweakable block ciphers and different modes of operations. IEEE Transactions on Information Theory 54(5), 1991–2006 (2008)MathSciNetCrossRefGoogle Scholar
  8. 8.
    Dai, W.: Crypto++ Library,
  9. 9.
  10. 10.
    Iwata, T., Kurosawa, K.: OMAC: One-Key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  11. 11.
    Krovetz, T., Rogaway, P.: The Software Performance of Authenticated-Encryption Modes. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 306–327. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  12. 12.
    Minematsu, K., Lucks, S., Iwata, T.: Improved Authenticity Bound of EAX, and Refinements. Full-version of Provable Security 2013 (2013),
  13. 13.
    Minematsu, K., Lucks, S., Morita, H., Iwata, T.: Attacks and Security Proofs of EAX-Prime. Pre-proceedings of Fast Software Encryption 2013 (2013), full-version available at
  14. 14.
    Rogaway, P.: Efficient Instantiations of Tweakable Blockciphers and Refinements to Modes OCB and PMAC. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 16–31. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  15. 15.
    Rogaway, P.: Nonce-Based Symmetric Encryption. In: Roy, Meier (eds.) [17], pp. 348–359Google Scholar
  16. 16.
    Rogaway, P., Shrimpton, T.: A Provable-Security Treatment of the Key-Wrap Problem. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 373–390. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  17. 17.
    Roy, B., Meier, W. (eds.): FSE 2004. LNCS, vol. 3017. Springer, Heidelberg (2004)MATHGoogle Scholar
  18. 18.
    Zeng, G., Han, W., He, K.: High Efficiency Feedback Shift Register: σ-LFSR. Cryptology ePrint Archive, Report 2007/114 (2007),

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Kazuhiko Minematsu
    • 1
  • Stefan Lucks
    • 2
  • Tetsu Iwata
    • 3
  1. 1.NEC CorporationJapan
  2. 2.Bauhaus-Universität WeimarGermany
  3. 3.Nagoya UniversityJapan

Personalised recommendations