[Resource Topic] 2020/1097: How to Build Optimally Secure PRFs Using Block Ciphers

Welcome to the resource topic for 2020/1097

Title:
How to Build Optimally Secure PRFs Using Block Ciphers

Authors: Benoît Cogliati, Ashwin Jha, Mridul Nandi

Abstract:

In EUROCRYPT '96, Aiello and Venkatesan proposed two candidates for 2n -bit to 2n -bit pseudorandom functions (PRFs), called Benes and modified Benes (or mBenes), based on n -bit to n -bit PRFs. While Benes is known to be secure up to 2^n queries (Patarin, AFRICACRYPT '08), the security of mBenes has only been proved up to 2^{n(1-\epsilon)} queries for all \epsilon > 0 by Patarin and Montreuil in ICISC '05. In this work, we show that the composition of a 2n -bit hash function with mBenes is a secure variable input length (VIL) PRF up to 2^{n-2} queries (given appropriate hash function bounds). We extend our analysis with block ciphers as the underlying primitive and obtain two optimally secure VIL PRFs using block ciphers. The first of these candidates requires 6 calls to the block cipher. The second candidate requires just 4 calls to the block cipher, but here the proof is based on Patarin’s mirror theory. Further, we instantiate the hash function with a PMAC+/LightMAC+ like hash, to get six candidates for deterministic message authentication codes with optimal security.

ePrint: https://eprint.iacr.org/2020/1097

Talk: https://www.youtube.com/watch?v=Hi_6oKFdnW0

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .