[Resource Topic] 2017/260: Message-Recovery MACs and Verification-Unskippable AE

Welcome to the resource topic for 2017/260

Message-Recovery MACs and Verification-Unskippable AE

Authors: Shoichi Hirose, Yu Sasaki, Kan Yasuda


This paper explores a new type of MACs called message-recovery MACs (MRMACs). MRMACs have an additional input R that gets recovered upon verification. Receivers must execute verification in order to recover R, making the verification process unskippable. Such a feature helps avoid mis-implementing verification algorithms. The syntax and security notions of MRMACs are rigorously formulated. In particular, we formalize the notion of unskippability and present a construction of an unskippable MRMAC from a tweakable cipher and a universal hash function. Our construction is provided with formal security proofs. We extend the idea of MRMACs to a new type of authenticated encryption called verification-unskippable AE (VUAE). We propose a generic Enc-then-MRMAC composition which realizes VUAE. The encryption part needs to satisfy a new security notion called one-time undecipherability. We provide three constructions that are one-time undecipherable, and they are proven secure under various security models.

ePrint: https://eprint.iacr.org/2017/260

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .