International Association for Cryptologic Research

CryptoDB

Fine-tuning the ISO/IEC Standard LightMAC

Authors:
Soumya Chattopadhyay, Indian Statistical Institute, Kolkata, India
Ashwin Jha, CISPA Helmholtz Center for Information Security, Saarbrücken, Germany
Mridul Nandi, Indian Statistical Institute, Kolkata, India
DOI: 10.1007/978-3-030-92078-4_17
Conference: ASIACRYPT 2021
Abstract: LightMAC, by Luykx et al., is a block cipher based message authentication code (MAC). The simplicity of design and low overhead allows it to have very compact implementations. As a result, it has been recently chosen as an ISO/IEC standard MAC for lightweight applications. LightMAC has been shown to achieve query-length independent security bound of $O(q^2/2^n)$ when instantiated with two independently keyed $n$-bit block ciphers, where $q$ denotes the number of MAC queries and the query-length is upper bounded by $(n-s)2^s$ bits for a fixed counter size $s$. In this paper, we aim to minimize the number of block cipher keys in LightMAC. First, we show that the original LightMAC instantiated with a single block cipher key, referred as 1k-LightMAC, achieves security bound of $O(q^2/2^n)$ while the query-length is at least $(n-s)$ bits and at most $(n-s)\min\{2^{n/4},2^s\}$ bits. Second, we show that a minor variant of 1k-LightMAC, dubbed as LightMAC-ds, achieves security bound of $O(q^2/2^n)$ while query-length is upper bounded by $(n-s)2^{s-1}$ bits. Of independent interest, our security proof of 1k-LightMAC employs a novel sampling approach, called the reset-sampling, as a subroutine within the H-coefficient proof setup.
BibTeX
@inproceedings{asiacrypt-2021-31493,
  title={Fine-tuning the ISO/IEC Standard LightMAC},
  publisher={Springer-Verlag},
  doi={10.1007/978-3-030-92078-4_17},
  author={Soumya Chattopadhyay and Ashwin Jha and Mridul Nandi},
  year=2021
}