Open AccessCryptanalysis of PMACx, PMAC2x, and SIVx
Author(s) -
Kazuhiko Minematsu,
Tetsu Iwata
Publication year - 2017
Publication title -
iacr transaction on symmetric cryptology
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.715
H-Index - 10
ISSN - 2519-173X
DOI - 10.46586/tosc.v2017.i2.162-176
Subject(s) - block cipher , computer science , provable security , cryptanalysis , theoretical computer science , differential cryptanalysis , pseudorandom function family , pseudorandom number generator , block (permutation group theory) , computational complexity theory , encryption , cryptography , algorithm , mathematics , computer security , combinatorics
At CT-RSA 2017, List and Nandi proposed two variable input length pseudorandom functions (VI-PRFs) called PMACx and PMAC2x, and a deterministic authenticated encryption scheme called SIVx. These schemes use a tweakable block cipher (TBC) as the underlying primitive, and are provably secure up to the query complexity of 2n, where n denotes the block length of the TBC. In this paper, we falsify the provable security claims by presenting concrete attacks. We show that with the query complexity of O(2n/2), i.e., with the birthday complexity, PMACx, PMAC2x, and SIVx are all insecure.