Quantum-Secure (Non-)Sequential Aggregate Message Authentication Codes

Abstract

Recently, the post-quantum cryptography becomes the object of attention, since quantum algorithms breaking the existing cryptosystems have been proposed and the development of quantum computers has been promoted. In fact, quantum-secure systems have been studied in both areas of public key cryptography and symmetric key cryptography. This paper studies quantum security of message authentication codes (MACs) with advanced functionality of compressing multiple tags, so-called aggregate message authentication codes (AMACs) and sequential aggregate message authentication codes (SAMACs). In this paper, we present AMAC/SAMAC schemes meeting quantum security in the model where adversaries can submit quantum queries. Specifically, we first formalize the quantum security for AMAC/SAMAC schemes. Second, we propose AMAC/SAMAC schemes satisfying the quantum security. Regarding AMACs, we show that Katz-Lindell scheme meets the quantum security. Regarding SAMACs, since the existing schemes are insecure, we newly present two generic constructions: One is constructed from quantum pseudorandom functions, and the other is constructed from randomized pseudorandom generators and (classical) pseudorandom functions.