International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Cryptanalysis of PMACx, PMAC2x, and SIVx

Authors:
Kazuhiko Minematsu , NEC Corporation, Kawasaki
Tetsu Iwata , Nagoya University
Download:
DOI: 10.13154/tosc.v2017.i2.162-176
URL: https://tosc.iacr.org/index.php/ToSC/article/view/642
Search ePrint
Search Google
Abstract: At CT-RSA 2017, List and Nandi proposed two variable input length pseudorandom functions (VI-PRFs) called PMACx and PMAC2x, and a deterministic authenticated encryption scheme called SIVx. These schemes use a tweakable block cipher (TBC) as the underlying primitive, and are provably secure up to the query complexity of 2n, where n denotes the block length of the TBC. In this paper, we falsify the provable security claims by presenting concrete attacks. We show that with the query complexity of O(2n/2), i.e., with the birthday complexity, PMACx, PMAC2x, and SIVx are all insecure.
BibTeX
@article{tosc-2017-28486,
  title={Cryptanalysis of PMACx, PMAC2x, and SIVx},
  journal={IACR Trans. Symmetric Cryptol.},
  publisher={Ruhr-Universit├Ąt Bochum},
  volume={2017, Issue 2},
  pages={162-176},
  url={https://tosc.iacr.org/index.php/ToSC/article/view/642},
  doi={10.13154/tosc.v2017.i2.162-176},
  author={Kazuhiko Minematsu and Tetsu Iwata},
  year=2017
}