International Association for Cryptologic Research


ZMAC+ - An Efficient Variable-output-length Variant of ZMAC

Authors:
Eik List, Bauhaus-Universität Weimar, Weimar
Mridul Nandi, Indian Statistical Institute, Kolkata
Download:
DOI: 10.13154/tosc.v2017.i4.306-325
URL: https://tosc.iacr.org/index.php/ToSC/article/view/812
Abstract: There is an ongoing trend in the symmetric-key cryptographic community to construct highly secure modes and message authentication codes based on tweakable block ciphers (TBCs). Recent constructions, such as Cogliati et al.'s HaT or Iwata et al.'s ZMAC, employ both the n-bit plaintext and the t-bit tweak simultaneously for higher performance. This work revisits ZMAC, and proposes a simpler alternative finalization based on HaT. As a result, we propose HtTBC, and call its instantiation with ZHash as a hash function ZMAC+. Compared to HaT, ZMAC+ (1) requires only a single key and a single primitive. Compared to ZMAC, our construction (2) allows variable, per-query parametrizable output lengths. Moreover, ZMAC+ (3) avoids the complex finalization of ZMAC and (4) improves the security bound from O(σ^2 / 2^{n+min(n,t)}) to O(q / 2^n + q(q + σ) / 2^{n+min(n,t)}) while retaining a practical tweak space.
BibTeX
@article{tosc-2017-28463,
  title={ZMAC+ - An Efficient Variable-output-length Variant of ZMAC},
  journal={IACR Trans. Symmetric Cryptol.},
  publisher={Ruhr-Universität Bochum},
  volume={2017, Issue 4},
  pages={306-325},
  url={https://tosc.iacr.org/index.php/ToSC/article/view/812},
  doi={10.13154/tosc.v2017.i4.306-325},
  author={Eik List and Mridul Nandi},
  year=2017
}