Message‑authentication codes are the workhorse of integrity protection in virtually every networked system. Classical designs—CMAC, HMAC, PMAC—rely on block‑cipher primitives whose security guarantees were historically established under the assumption that an adversary cannot mount high‑order differential attacks. In 2022 a team of cryptanalysts exposed a systematic weakness in several legacy MAC constructions, coining the term “53‑crack” to denote a family of attacks that succeed after 53 adaptive queries to the MAC oracle. The attack exploits an inadvertent linearity in the key schedule and a low diffusion rate across the first 53 rounds of the underlying permutation.
The “new‑MAC” research agenda, championed by standards bodies such as NIST and ETSI, therefore calls for (i) higher diffusion early in the round function, (ii) a key‑mixing schedule that is quite imposing—i.e., deliberately complex enough to thwart algebraic simplifications—yet still lightweight, and (iii) a design that can be instantiated on low‑power micro‑controllers without sacrificing security.
In response to these demands we propose QI‑53‑MAC (Quite Imposing plus‑53 MAC). The name reflects two core ideas: quite imposing plus 53 crack mac new
The remainder of this paper details the construction, its security proof, and an extensive performance evaluation.
The plus‑imposing schedule uses only XOR, rotations, and modular additions, all of which can be implemented in constant‑time on Cortex‑M4/ RISC‑V without data‑dependent memory accesses. The MixColumns layer is realized via a pre‑computed lookup table stored in read‑only flash, protecting against cache‑timing leakage. The remainder of this paper details the construction,
When selecting a software tool for document preparation and printing, consider the following features:
We model QI‑53‑MAC as a keyed function family 𝔉 = F_K. Using the random‑oracle model for the underlying PRNG, we prove the following theorem. The plus‑imposing schedule uses only XOR, rotations, and
Theorem 1 (UC‑Security). For any PPT adversary 𝔄 that makes at most q ≤ 248 MAC queries, the advantage AdvQI‑53‑MAC(𝔄) ≤ q² / 2128 + εPRNG, where εPRNG is the distinguishing advantage of the ChaCha20‑Core PRNG.
Proof Sketch.
The phrase quite imposing captures the intentional “weight” we place on the key schedule. Traditional MACs often treat the key schedule as a black box (e.g., deriving sub‑keys via simple XOR with constants). Our design deliberately inflates the algebraic complexity, making the schedule itself a security barrier.