Improved security analysis of OMAC

Abstract. We present an improved security analysis of OMAC, the construction is widely used as a candidate of MAC or Pseudo Random Function (or PRF). In this direction, the first result was given in Crypto-05 where an improved security analysis of CBC (for fixed length or for arbitrary length prefix-free messages) had provided. Followed by this work, improved bounds for XCBC, TMAC and PMAC were found. The improved bounds are of the form O ( Lq2 2n) where the original bounds are O ( σ2 2n) which is roughly O ( L2q 2 2n). Here, a distinguisher can make at most q queries having at most σ many blocks with L as the maximum block size. The original bound for OMAC was roughly 5L2q 2 shown in FSE-03 and the next improved bound was 4σ2 2 n shown in Indocrypt-03. In this paper we have provided an improved bound (a similar form as provided for others) for OMAC and the bound we show is roughly 4qσ 2 n = O ( Lq2 2 n)