The mF mode of authenticated encryption with associated data

Article Type

Research Article

Publication Title

Journal of Mathematical Cryptology


In recent years, the demand for lightweight cryptographic protocols has grown immensely. To fulfill this necessity, the National Institute of Standards and Technology (NIST) has initiated a standardization process for lightweight cryptographic encryption. NIST's call for proposal demands that the scheme should have one primary member that has a key length of 128 bits, and it should be secure up to 250 - 1 byte queries and 2112 computations. In this article, we propose a tweakable block cipher (TBC)-based authenticated encryption with associated data (AEAD) scheme, which we call mF mF. We provide authenticated encryption security analysis for mF mF under some weaker security assumptions (stated in the article) on the underlying TBC. We instantiate a TBC using block cipher and show that the TBC achieves these weaker securities, provided the key update function has high periodicity. mixFeed mixFeed is a round 2 candidate in the aforementioned lightweight cryptographic standardization competition. When we replace the key update function with the key scheduling function of Advanced Encryption Standard (AES), the mF mF mode reduces to mixFeed mixFeed. Recently, the low periodicity of AES key schedule is shown. Exploiting this feature, a practical attack on mixFeed mixFeed is reported. We have shown that multiplication by primitive element satisfies the high periodicity property, and we have a secure instantiation of mF mF, a secure variant of mixFeed.

First Page


Last Page




Publication Date



Open Access, Gold

This document is currently not available here.