Abstract
In this paper, we study the security of PMAC-type constructions, generalizing the underlying primitive from block ciphers to keyed functions. We first consider the construction with two different primitives: one for the intermediate calls and another for the finalization. While the security of the original PMAC was based on the assumption that the primitive (a block cipher) is a pseudo-random permutation (PRP), here we show that for MAC security of the construction we need only MAC security of the internal primitive and privacy-preserving MAC (PP-MAC) security of the finalization primitive. As PP-MAC is strictly weaker than a pseudo-random function (PRF), this shows that the PRF assumption on the underlying primitives is not a necessary condition for achieving MAC security of PMAC-type constructions. In this context, we also show that for PRF security of the construction, we need only the finalization primitive to be PRF secure; the requirement on the internal primitive is reduced from PRF to just a secure MAC. Moreover, we show that for MAC security of the construction, PRF security of the underlying primitive is not essential. We claim that if we restrict ourselves to a single primitive (two keys are required when two different primitives are used), then for MAC security the primitive only needs to be PP-MAC secure. This essentially makes the construction a single-key PP-MAC domain extender with the parallelizability advantage over iCBC-MAC. We also show that if we want the construction to be PRF secure, then we need the underlying primitive to be PRF secure. This can be thought of as an alternative proof of the original PMAC, not restricted to block ciphers only but covering arbitrary keyed functions.
Nilanjan Datta: the work of this paper was performed during the first author's internship at NTT.
© 2015 Springer International Publishing Switzerland
Cite this paper
Datta, N., Yasuda, K. (2015). Generalizing PMAC Under Weaker Assumptions. In: Foo, E., Stebila, D. (eds) Information Security and Privacy. ACISP 2015. Lecture Notes in Computer Science(), vol 9144. Springer, Cham. https://doi.org/10.1007/978-3-319-19962-7_25
DOI: https://doi.org/10.1007/978-3-319-19962-7_25
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19961-0
Online ISBN: 978-3-319-19962-7