International Association
for Cryptologic Research

Both multi-user PRFs and sponge-based constructions have generated a lot of research interest lately. Dedicated analyses for multi-user security have improved the bounds a long distance from the early generic bounds obtained through hybrid arguments, yet the bounds generally don't allow the number of users to be more than birthday-bound in key-size. Similarly, known sponge constructions suffer from being only birthday-bound secure in terms of their capacity. We present in this paper $\textsf{Muffler}$, a multi-user PRF built from a random permutation using a full-state sponge with feed-forward, which uses a combination of the user keys and unique user IDs to solve both the problems mentioned by improving the security bounds for multi-user constructions and sponge constructions. For $D$ construction query blocks and $T$ permutation queries, with key-size $\kappa = n/2$ and tag-size $\tau$ = $n/2$ (where $n$ is the state-size or the size of the underlying permutation), both $D$ and $T$ must touch birthday bound in $n$ in order to distinguish $\textsf{Muffler}$ from a random function.