[Resource Topic] 2021/097: A New and Improved Reduction Proof of Cascade PRF

Welcome to the resource topic for 2021/097

Title:
A New and Improved Reduction Proof of Cascade PRF

Authors: Mridul Nandi

Abstract:

The prefix-free PRF (pseudorandom function) security of a cascade function based on a compression function f against a q-query distinguisher is reduced to the q-query PRF security of f with a tightness gap of lq, where l is the length of the longest query among the q queries. In this paper, we show a reduction that also applies to the multiuser setup and improves the tightness gap for both adaptive and non-adaptive distinguishers. As an immediate application of our result, we show multiuser security of NMAC, HMAC and many other MACs for the first time. Moreover, the tightness gap is improved in comparison with the known single-user analysis. We also show a similar tightness gap for single-keyed NMAC. As a result, the constants ipad and opad used in HMAC, and the existing PRB (pseudorandom bit) assumption on the underlying compression function, become redundant.
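As an added illustration of the constructions the abstract refers to (not code from the paper), the following assembles the cascade, NMAC and HMAC from one compression function f and shows why the bare cascade is only a prefix-free PRF and why HMAC's ipad/opad exist at all. The compression function is a constructed stand-in (SHA-256 over chain || block), not SHA-256's internal compression function, and the padding is simplified.

```python
# Added example: cascade PRF, NMAC and HMAC assembled from one compression
# function f, to make the structure in the abstract concrete. Not from the paper.
# f is a constructed stand-in (SHA-256 over chain || block), NOT SHA-256's real
# compression function; padding is simplified to zero-fill of one block.
import hashlib

N = 32          # n = 256-bit chaining value / key
B = 64          # b = 512-bit message block
IV = bytes(N)   # public initial chaining value used by HMAC

def f(chain: bytes, block: bytes) -> bytes:
    """Constructed compression function f: {0,1}^n x {0,1}^b -> {0,1}^n."""
    assert len(chain) == N and len(block) == B
    return hashlib.sha256(chain + block).digest()

def cascade(key: bytes, msg: bytes) -> bytes:
    """Cascade of f keyed by the first chaining value. An l-block query costs
    l calls to f, which is where the l*q factor in the classical reduction comes from."""
    assert len(msg) % B == 0, "message must be a whole number of blocks"
    chain = key
    for i in range(0, len(msg), B):
        chain = f(chain, msg[i:i + B])
    return chain

def prefix_relation_holds(key: bytes, m1: bytes, m2: bytes) -> bool:
    """The cascade is iterable: the output on a prefix is the chaining value from
    which the longer message continues. This is why the cascade on its own is only a
    prefix-free PRF, and why NMAC/HMAC add an outer keyed call."""
    return cascade(key, m1 + m2) == cascade(cascade(key, m1), m2)

def pad_to_block(s: bytes) -> bytes:
    """Simplified padding: zero-fill to one block (real MD padding also encodes length)."""
    assert len(s) <= B
    return s + bytes(B - len(s))

def nmac(k1: bytes, k2: bytes, msg: bytes) -> bytes:
    """NMAC: outer keyed f call over the inner cascade output; with k1 == k2 this is
    the single-keyed NMAC the abstract analyses."""
    return f(k2, pad_to_block(cascade(k1, msg)))

def hmac_from_f(key: bytes, msg: bytes) -> bytes:
    """HMAC is NMAC whose two keys are derived from one key with the ipad/opad
    constants; the abstract's result makes that derivation redundant."""
    k = pad_to_block(key)                    # real HMAC hashes keys longer than b
    k1 = f(IV, bytes(a ^ 0x36 for a in k))   # ipad = 0x36 repeated
    k2 = f(IV, bytes(a ^ 0x5c for a in k))   # opad = 0x5c repeated
    return nmac(k1, k2, msg)
```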

ePrint: https://eprint.iacr.org/2021/097

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.