International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Message Authentication on 64-bit Architectures

Ted Krovetz
Search ePrint
Search Google
Abstract: This paper takes UMAC --- a message authentication algorithm (MAC) optimized for performance on 32-bit architectures --- as its starting point, and adapts its strategies for optimum performance on 64-bit architectures. The resulting MAC, called UMAC8, achieves per message forgery probabilities of about $2^{-60}$ and $2^{-120}$ for tags of length 64 and 128 bits. The UMAC strategies are discussed at length and adapted for 64-bit environments, but are also modified to address several UMAC shortcomings, particularly key-agility and susceptibility to timing attacks. UMAC achieved peak throughput rates, when generating 64-bit tags, of 1.0 CPU cycle per byte of message authenticated, while UMAC8 achieves 0.5 cycles per byte.
  title={Message Authentication on 64-bit Architectures},
  booktitle={IACR Eprint archive},
  keywords={secret-key cryptography / message authentication codes},
  note={ 13180 received 1 Feb 2006},
  author={Ted Krovetz},