UMAC - Message Authentication Code using Universal Hashing

Authors: John Black, Shai Halevi, A. H., Hugo Krawczyk, Ted Krovetz and Phillip Rogaway.

Abstract: This specification describes how to generate an authentication tag using the UMAC message authentication algorithm. UMAC is designed to be very fast to compute in software on contemporary uniprocessors. Measured speeds are as low as one cycle per byte. UMAC relies on addition of 32-bit and 64-bit numbers and multiplication of 32-bit numbers, operations well-supported by contemporary machines.

To generate the authentication tag on a given message, a "universal" hash function is applied to the message and key to produce a short, fixed-length hash value, and this hash value is then xor'ed with a key-derived pseudorandom pad. UMAC enjoys a rigorous security analysis and its only internal "cryptographic" component is a block cipher used to generate the pseudorandom pads and internal key material.

Ref: Internet Engineering Task Force (IETF) Request for Comments (RFC) Specification RFC 4418. See also UMAC Web-page.

Available as text.