## CryptoDB

### Paper: DoveMAC: A TBC-based PRF with Smaller State, Full Security, and High Rate

Authors: Tony Grochow , Bauhaus-Universität Weimar, Weimar, Germany Eik List , Bauhaus-Universität Weimar, Weimar, Germany Mridul Nandi , Indian Statistical Institute, Kolkata, India DOI: 10.13154/tosc.v2019.i3.43-80 URL: https://tosc.iacr.org/index.php/ToSC/article/view/8357 Search ePrint Search Google Recent parallelizable message authentication codes (MACs) have demonstrated the benefit of tweakable block ciphers (TBCs) for authentication with high security guarantees. With ZMAC, Iwata et al. extended this line of research by showing that TBCs can simultaneously increase the number of message bits that are processed per primitive call. However, ZMAC and previous TBC-based MACs needed more memory than sequential constructions. While this aspect is less an issue on desktop processors, it can be unfavorable on resource-constrained platforms. In contrast, existing sequential MACs limit the number of message bits to the block length of the primitive n or below.This work proposes DoveMAC, a TBC-based PRF that reduces the memory of ZMAC-based MACs to 2n+ 2t+2k bits, where n is the state size, t the tweak length, and k the key length of the underlying primitive. DoveMAC provides (n+min(n+t))/2 bits of security, and processes n+t bits per primitive call. Our construction is the first sequential MAC that combines beyond-birthday-bound security with a rate above n bits per call. By reserving a single tweak bit for domain separation, we derive a single-key variant DoveMAC1k.
##### BibTeX
@article{tosc-2019-29943,
title={DoveMAC: A TBC-based PRF with Smaller State, Full Security, and High Rate},
journal={IACR Transactions on Symmetric Cryptology},
publisher={Ruhr-Universität Bochum},
volume={2019, Issue 3},
pages={43-80},
url={https://tosc.iacr.org/index.php/ToSC/article/view/8357},
doi={10.13154/tosc.v2019.i3.43-80},
author={Tony Grochow and Eik List and Mridul Nandi},
year=2019
}