A Block-Cipher Mode of Operation for Parallelizable Message Authentication

Authors: John Black and Phillip Rogaway

Reference: Advances in Cryptology - EUROCRYPT '02, Lecture Notes in Computer Science, vol. 2332 pp. 384-397, Springer-Verlag, 2002.

Abstract: Given an arbitrary block cipher, we define based on it a simple, deterministic, and parallelizable message authentication code. Our algorithm, PMAC, uses just \lceil |M|/n\rceil block-cipher invocations to authenticate a message M, where n is the blocksize of the block cipher. Preprocessing and additional overhead is minimal. We provide a full security analysis for PMAC, quantifying the adversary's forgery probability in terms of the quality of the block cipher as a PRP.

Further information: Visit the PMAC homepage.

Documentation: Visit the documentation page from the PMAC homepage.

Rogaway's home page.