New CBC-MAC Forgery Attacks

Brincat, Karl; Mitchell, Chris J.

doi:10.1007/3-540-47719-5_2

New CBC-MAC Forgery Attacks

Karl Brincat⁵ &
Chris J. Mitchell⁶

Conference paper
First Online: 01 January 2001

1496 Accesses
7 Citations

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2119))

Abstract

This paper is concerned with a particular type of attack against CBC-MACs, namely forgery attacks, i.e. attacks which enable an unauthorised party to obtain a MAC on a data string. Existing forgery attacks against CBC-MACs are briefly reviewed, together with the effectiveness of various countermeasures. This motivates the main part of the paper, where a family of new forgery attacks are described, which raise serious questions about the effectiveness of certain countermeasures.

The views expressed in this paper are personal to the author and not necessarily those of Visa International

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

ISO/IEC 9797-1. Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher. International Organization for Standardization, Genève, Switzerland, 1999.
Google Scholar
AES, a crypto algorithm for the twenty-first century, Advanced Encryption Standard (AES) development effort, 2000. http://csrc.nist.gov/encryption/aes.
American Bankers Association, Washington, DC. ANSI X9.19, Financial institution retail message authentication, August 1986.
Google Scholar
American Bankers Association, Washington, DC. ANSI X9.9-1986 (revised), Financial institution message authentication (wholesale), April 1986.
Google Scholar
L.R. Knudsen. Chosen-text attack on CBC-MAC. Electronics Letters, 33:48–49, 1997.
Article Google Scholar
A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone. Handbook of Applied Cryptography. CRC Press, Boca Raton, 1997.
MATH Google Scholar
K. Nishimura and M. Sibuya. Occupancy with two types of balls. Ann. Inst. Statist. Math., 40:77–91, 1988.
Article MATH MathSciNet Google Scholar
K. Nishimura and M. Sibuya. Probability to meet in the middle. J. Cryptology, 2:13–22, 1990.
Article MATH MathSciNet Google Scholar
B. Preneel and P.C. van Oorschot. On the security of iterated Message Authentication Codes. IEEE Transactions on Information Theory, 45:188–199, 1999.
Article MATH Google Scholar

Download references

Author information

Authors and Affiliations

Visa International EU, PO Box 253, London, W8 5TE, UK
Karl Brincat
Information Security Group, Royal Holloway, University of London, Egham, Surrey, TW20 0EX, UK
Chris J. Mitchell

Authors

Karl Brincat
View author publications
You can also search for this author in PubMed Google Scholar
Chris J. Mitchell
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Computing, Macquarie University, North Ryde, NSW, 2109, Australia
Vijay Varadharajan & Yi Mu &

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Brincat, K., Mitchell, C.J. (2001). New CBC-MAC Forgery Attacks. In: Varadharajan, V., Mu, Y. (eds) Information Security and Privacy. ACISP 2001. Lecture Notes in Computer Science, vol 2119. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47719-5_2

Download citation

DOI: https://doi.org/10.1007/3-540-47719-5_2
Published: 04 July 2001
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42300-3
Online ISBN: 978-3-540-47719-8
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics