Document Type

Journal Article


We present a new non-interactive message authentication protocol inmanual channel model (NIMAP, for short) using the weakest assumptionon the manual channel (i.e. assuming the strongest adversary). Ourprotocol uses enhanced target collision resistant (eTCR) hash familyand is provably secure in the standard model. We compare ourprotocol with protocols with similar properties and show that thenew NIMAP has the same security level as the best previously knownNIMAP whilst it is more practical.In particular, to authenticate a message such as a 1024-bit publickey, we require an eTCR hash family that can be constructed from anyoff-the-shelf Merkle-Damgard hash function using randomized hashing mode. The underlying compression function must be evaluated secondpreimage resistant (eSPR), which is a strictly weaker securityproperty than collision resistance.