Quantum security of NMAC and related constructions: PRF domain extension against quantum attacks

Fang Song; Aaram Yun

doi:10.1007/978-3-319-63715-0_10

Quantum security of NMAC and related constructions: PRF domain extension against quantum attacks

Fang Song, Aaram Yun

Department of Cyber Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

22 Scopus citations

Abstract

We prove the security of NMAC, HMAC, AMAC, and the cascade construction with fixed input-length as quantum-secure pseudo-random functions (PRFs). Namely, they are indistinguishable from a random oracle against any polynomial-time quantum adversary that can make quantum superposition queries. In contrast, many blockcipher-based PRFs including CBC-MAC were recently broken by quantum superposition attacks. Classical proof strategies for these constructions do not generalize to the quantum setting, and we observe that they sometimes even fail completely (e.g., the universal-hash then PRF paradigm for proving security of NMAC). Instead, we propose a direct hybrid argument as a new proof strategy (both classically and quantumly). We first show that a quantum-secure PRF is secure against key-recovery attacks, and remains secure under random leakage of the key. Next, as a key technical tool, we extend the oracle indistinguishability framework of Zhandry in two directions: we consider distributions on functions rather than strings, and we also consider a relative setting, where an additional oracle, possibly correlated with the distributions, is given to the adversary as well. This enables a hybrid argument to prove the security of NMAC. Security proofs for other constructions follow similarly.

Original language	English
Title of host publication	Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Proceedings
Editors	Jonathan Katz, Hovav Shacham
Publisher	Springer Verlag
Pages	283-309
Number of pages	27
ISBN (Print)	9783319637143
DOIs	https://doi.org/10.1007/978-3-319-63715-0_10
State	Published - 2017
Event	37th Annual International Cryptology Conference, CRYPTO 2017 - Santa Barbara, United States Duration: 20 Aug 2017 → 24 Aug 2017

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10402 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	37th Annual International Cryptology Conference, CRYPTO 2017
Country/Territory	United States
City	Santa Barbara
Period	20/08/17 → 24/08/17

Bibliographical note

Publisher Copyright:
© 2017, International Association for Cryptologic Research.

Keywords

AMAC
Augmented cascade
Cascade construction
HMAC
NMAC
PRF domain extension
Post-quantum cryptography
Quantum query
Quantum security

Access to Document

10.1007/978-3-319-63715-0_10

Cite this

Song, F., & Yun, A. (2017). Quantum security of NMAC and related constructions: PRF domain extension against quantum attacks. In J. Katz, & H. Shacham (Eds.), Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Proceedings (pp. 283-309). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10402 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-63715-0_10

Song, Fang ; Yun, Aaram. / Quantum security of NMAC and related constructions : PRF domain extension against quantum attacks. Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Proceedings. editor / Jonathan Katz ; Hovav Shacham. Springer Verlag, 2017. pp. 283-309 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{f7919c6dbb9c4205b23449f36871d7a1,

title = "Quantum security of NMAC and related constructions: PRF domain extension against quantum attacks",

abstract = "We prove the security of NMAC, HMAC, AMAC, and the cascade construction with fixed input-length as quantum-secure pseudo-random functions (PRFs). Namely, they are indistinguishable from a random oracle against any polynomial-time quantum adversary that can make quantum superposition queries. In contrast, many blockcipher-based PRFs including CBC-MAC were recently broken by quantum superposition attacks. Classical proof strategies for these constructions do not generalize to the quantum setting, and we observe that they sometimes even fail completely (e.g., the universal-hash then PRF paradigm for proving security of NMAC). Instead, we propose a direct hybrid argument as a new proof strategy (both classically and quantumly). We first show that a quantum-secure PRF is secure against key-recovery attacks, and remains secure under random leakage of the key. Next, as a key technical tool, we extend the oracle indistinguishability framework of Zhandry in two directions: we consider distributions on functions rather than strings, and we also consider a relative setting, where an additional oracle, possibly correlated with the distributions, is given to the adversary as well. This enables a hybrid argument to prove the security of NMAC. Security proofs for other constructions follow similarly.",

keywords = "AMAC, Augmented cascade, Cascade construction, HMAC, NMAC, PRF domain extension, Post-quantum cryptography, Quantum query, Quantum security",

author = "Fang Song and Aaram Yun",

note = "Publisher Copyright: {\textcopyright} 2017, International Association for Cryptologic Research.; 37th Annual International Cryptology Conference, CRYPTO 2017 ; Conference date: 20-08-2017 Through 24-08-2017",

year = "2017",

doi = "10.1007/978-3-319-63715-0_10",

language = "English",

isbn = "9783319637143",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "283--309",

editor = "Jonathan Katz and Hovav Shacham",

booktitle = "Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Proceedings",

}

Song, F & Yun, A 2017, Quantum security of NMAC and related constructions: PRF domain extension against quantum attacks. in J Katz & H Shacham (eds), Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10402 LNCS, Springer Verlag, pp. 283-309, 37th Annual International Cryptology Conference, CRYPTO 2017, Santa Barbara, United States, 20/08/17. https://doi.org/10.1007/978-3-319-63715-0_10

Quantum security of NMAC and related constructions: PRF domain extension against quantum attacks. / Song, Fang; Yun, Aaram.
Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Proceedings. ed. / Jonathan Katz; Hovav Shacham. Springer Verlag, 2017. p. 283-309 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10402 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Quantum security of NMAC and related constructions

T2 - 37th Annual International Cryptology Conference, CRYPTO 2017

AU - Song, Fang

AU - Yun, Aaram

PY - 2017

Y1 - 2017

N2 - We prove the security of NMAC, HMAC, AMAC, and the cascade construction with fixed input-length as quantum-secure pseudo-random functions (PRFs). Namely, they are indistinguishable from a random oracle against any polynomial-time quantum adversary that can make quantum superposition queries. In contrast, many blockcipher-based PRFs including CBC-MAC were recently broken by quantum superposition attacks. Classical proof strategies for these constructions do not generalize to the quantum setting, and we observe that they sometimes even fail completely (e.g., the universal-hash then PRF paradigm for proving security of NMAC). Instead, we propose a direct hybrid argument as a new proof strategy (both classically and quantumly). We first show that a quantum-secure PRF is secure against key-recovery attacks, and remains secure under random leakage of the key. Next, as a key technical tool, we extend the oracle indistinguishability framework of Zhandry in two directions: we consider distributions on functions rather than strings, and we also consider a relative setting, where an additional oracle, possibly correlated with the distributions, is given to the adversary as well. This enables a hybrid argument to prove the security of NMAC. Security proofs for other constructions follow similarly.

AB - We prove the security of NMAC, HMAC, AMAC, and the cascade construction with fixed input-length as quantum-secure pseudo-random functions (PRFs). Namely, they are indistinguishable from a random oracle against any polynomial-time quantum adversary that can make quantum superposition queries. In contrast, many blockcipher-based PRFs including CBC-MAC were recently broken by quantum superposition attacks. Classical proof strategies for these constructions do not generalize to the quantum setting, and we observe that they sometimes even fail completely (e.g., the universal-hash then PRF paradigm for proving security of NMAC). Instead, we propose a direct hybrid argument as a new proof strategy (both classically and quantumly). We first show that a quantum-secure PRF is secure against key-recovery attacks, and remains secure under random leakage of the key. Next, as a key technical tool, we extend the oracle indistinguishability framework of Zhandry in two directions: we consider distributions on functions rather than strings, and we also consider a relative setting, where an additional oracle, possibly correlated with the distributions, is given to the adversary as well. This enables a hybrid argument to prove the security of NMAC. Security proofs for other constructions follow similarly.

KW - AMAC

KW - Augmented cascade

KW - Cascade construction

KW - HMAC

KW - NMAC

KW - PRF domain extension

KW - Post-quantum cryptography

KW - Quantum query

KW - Quantum security

UR - http://www.scopus.com/inward/record.url?scp=85028475191&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-63715-0_10

DO - 10.1007/978-3-319-63715-0_10

M3 - Conference contribution

AN - SCOPUS:85028475191

SN - 9783319637143

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 283

EP - 309

BT - Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Proceedings

A2 - Katz, Jonathan

A2 - Shacham, Hovav

PB - Springer Verlag

Y2 - 20 August 2017 through 24 August 2017

ER -

Song F, Yun A. Quantum security of NMAC and related constructions: PRF domain extension against quantum attacks. In Katz J, Shacham H, editors, Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Proceedings. Springer Verlag. 2017. p. 283-309. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-63715-0_10

Quantum security of NMAC and related constructions: PRF domain extension against quantum attacks

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Fingerprint

Cite this