Cryptanalysis of PMACx, PMAC2x, and SIVx

Kazuhiko Minematsu; Tetsu Iwata

doi:10.13154/tosc.v2017.i2.162-176

Cryptanalysis of PMACx, PMAC2x, and SIVx

Authors

Kazuhiko Minematsu NEC Corporation, Tokyo, Japan
Tetsu Iwata Nagoya University, Nagoya, Japan

DOI:

https://doi.org/10.13154/tosc.v2017.i2.162-176

Keywords:

Cryptanalysis, PMACx, PMAC2x, SIVx, provable security

Abstract

At CT-RSA 2017, List and Nandi proposed two variable input length pseudorandom functions (VI-PRFs) called PMACx and PMAC2x, and a deterministic authenticated encryption scheme called SIVx. These schemes use a tweakable block cipher (TBC) as the underlying primitive, and are provably secure up to the query complexity of 2ⁿ, where n denotes the block length of the TBC. In this paper, we falsify the provable security claims by presenting concrete attacks. We show that with the query complexity of O(2^n/2), i.e., with the birthday complexity, PMACx, PMAC2x, and SIVx are all insecure.

Downloads

Published

2017-06-19

Issue

Volume 2017, Issue 2

Section

Articles

License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

Cryptanalysis of PMACx, PMAC2x, and SIVx. (2017). IACR Transactions on Symmetric Cryptology, 2017(2), 162-176. https://doi.org/10.13154/tosc.v2017.i2.162-176

Download Citation

Cryptanalysis of PMACx, PMAC2x, and SIVx

Authors

DOI:

Keywords:

Abstract

Downloads

Published

Issue

Section

License

How to Cite

iacr-logo