
Symmetric-Key Corruption Detection: When XOR-MACs Meet Combinatorial Group Testing

Conference paper in: Computer Security – ESORICS 2019 (ESORICS 2019)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11735)

Abstract

We study a class of MACs, which we call corruption detectable MACs, that can not only check the integrity of the whole message but also detect which part of the message is corrupted. It can be seen as an application of classical Combinatorial Group Testing (CGT) to message authentication. However, previous work on this application has an inherent limitation in its communication cost. We present a novel approach that combines CGT with a class of linear MACs (XOR-MACs) and breaks this limit. Our proposal, XOR-GTM, has a significantly smaller communication cost than any of the previous corruption detectable MACs while keeping the same corruption detection capability. Our numerical examples for storage applications show a reduction of communication by a factor of around 15 to 70 compared with previous schemes. XOR-GTM is parallelizable and is as efficient as standard MACs. We prove that XOR-GTM is secure under standard cryptographic assumptions.


Notes

  1. The minimum condition is weaker (d-separable or \(\overline{d}\)-separable); however, this does not guarantee efficient detection.

  2. It is customary to use [n], but we want to avoid confusion, say with M[i].

References

  1. Atallah, M.J., Frikken, K.B., Blanton, M., Cho, Y.: Private combinatorial group testing. In: AsiaCCS, pp. 312–320. ACM (2008)

  2. Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: FOCS, pp. 394–403. IEEE Computer Society (1997)

  3. Bellare, M., Goldreich, O., Goldwasser, S.: Incremental cryptography and application to virus protection. In: STOC, pp. 45–56. ACM (1995)

  4. Bellare, M., Guérin, R., Rogaway, P.: XOR MACs: new methods for message authentication using finite pseudorandom functions. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 15–28. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-44750-4_2

  5. Bellare, M., Kilian, J., Rogaway, P.: The security of the cipher block chaining message authentication code. J. Comput. Syst. Sci. 61(3), 362–399 (2000)

  6. Black, J., Rogaway, P.: CBC MACs for arbitrary-length messages: the three-key constructions. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 197–215. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44598-6_12

  7. Black, J., Rogaway, P.: A block-cipher mode of operation for parallelizable message authentication. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 384–397. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46035-7_25

  8. Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_30

  9. De Bonis, A., Di Crescenzo, G.: Combinatorial group testing for corruption localizing hashing. In: Fu, B., Du, D.-Z. (eds.) COCOON 2011. LNCS, vol. 6842, pp. 579–591. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22685-4_50

  10. Cheraghchi, M.: Noise-resilient group testing: limitations and constructions. Discrete Appl. Math. 161(1–2), 81–95 (2013)

  11. Chor, B., Fiat, A., Naor, M.: Tracing traitors. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 257–270. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_25

  12. Di Crescenzo, G., Arce, G.: Data forensics constructions from cryptographic hashing and coding. In: Shi, Y.Q., Kim, H.-J., Perez-Gonzalez, F. (eds.) IWDW 2011. LNCS, vol. 7128, pp. 494–509. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32205-1_39

  13. Crescenzo, G.D., Ge, R., Arce, G.R.: Design and analysis of DBMAC, an error localizing message authentication code. In: GLOBECOM, pp. 2224–2228. IEEE (2004)

  14. Di Crescenzo, G., Jiang, S., Safavi-Naini, R.: Corruption-localizing hashing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 489–504. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04444-1_30

  15. Crescenzo, G.D., Vakil, F.: Cryptographic hashing for virus localization. In: WORM, pp. 41–48. ACM Press (2006)

  16. Dorfman, R.: The detection of defective members of large populations. Ann. Math. Stat. 14(4), 436–440 (1943)

  17. Du, D., Hwang, F.: Combinatorial Group Testing and Its Applications. Applied Mathematics. World Scientific, Singapore (2000)

  18. Dýachkov, A.G., Rykov, V.V.: A survey of superimposed code theory. Probl. Control. Inf. Theory 12(4), 229–242 (1983)

  19. Emad, A., Milenkovic, O.: Poisson group testing: a probabilistic model for boolean compressed sensing. IEEE Trans. Signal Process. 63(16), 4396–4410 (2015)

  20. Eppstein, D., Goodrich, M.T., Hirschberg, D.S.: Improved combinatorial group testing algorithms for real-world problem sizes. SIAM J. Comput. 36(5), 1360–1375 (2007)

  21. Erdös, P., Frankl, P., Füredi, Z.: Families of finite sets in which no set is covered by the union of R others. Israel J. Math. 51(1), 79–89 (1985)

  22. Goodrich, M.T., Atallah, M.J., Tamassia, R.: Indexing information for data forensics. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 206–221. Springer, Heidelberg (2005). https://doi.org/10.1007/11496137_15

  23. Hirose, S., Shikata, J.: Non-adaptive group-testing aggregate MAC scheme. In: Su, C., Kikuchi, H. (eds.) ISPEC 2018. LNCS, vol. 11125, pp. 357–372. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-99807-7_22

  24. Inan, H.A., Kairouz, P., Özgür, A.: Sparse group testing codes for low-energy massive random access. In: Allerton, pp. 658–665. IEEE (2017)

  25. Iwata, T., Kurosawa, K.: OMAC: one-key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-39887-5_11

  26. Assmus, E.F., Key, J.D.: Designs and Their Codes. Cambridge Tracts in Mathematics, vol. 103. Cambridge University Press, Cambridge (1992)

  27. Kamiya, N.: High-rate quasi-cyclic low-density parity-check codes derived from finite affine planes. IEEE Trans. Inf. Theory 53(4), 1444–1459 (2007)

  28. Katz, J., Lindell, A.Y.: Aggregate message authentication codes. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 155–169. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-79263-5_10

  29. Kautz, W.H., Singleton, R.C.: Nonrandom binary superimposed codes. IEEE Trans. Inf. Theory 10(4), 363–377 (1964)

  30. Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31–46. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45708-9_3

  31. Macula, A.J.: A simple construction of d-disjunct matrices with certain constant weights. Discrete Math. 162(1–3), 311–312 (1996)

  32. Macula, A.J., Popyack, L.J.: A group testing method for finding patterns in data. Discrete Appl. Math. 144(1–2), 149–157 (2004)

  33. Minematsu, K.: Efficient message authentication codes with combinatorial group testing. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9326, pp. 185–202. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24174-6_10

  34. Ngo, H.Q., Du, D.Z.: A survey on combinatorial group testing algorithms with applications to DNA library screening. DIMACS Ser. Discret. Math. Theor. Comput. Sci. 55, 171–182 (2000)

  35. Ngo, H.Q., Porat, E., Rudra, A.: Efficiently decodable error-correcting list disjunct matrices and applications. In: Aceto, L., Henzinger, M., Sgall, J. (eds.) ICALP 2011. LNCS, vol. 6755, pp. 557–568. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22006-7_47

  36. Oprea, A., Reiter, M.K.: Space-efficient block storage integrity. In: NDSS. The Internet Society (2005)

  37. Oprea, A., Reiter, M.K.: Integrity checking in cryptographic file systems with constant trusted storage. In: USENIX Security Symposium. USENIX Association (2007)

  38. Porat, E., Rothschild, A.: Explicit nonadaptive combinatorial group testing schemes. IEEE Trans. Inf. Theory 57(12), 7982–7989 (2011)

  39. Rogaway, P.: Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 16–31. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30539-2_2

  40. Rudra, A.: CSE 709: compressed sensing and group testing, Part I (fall 2011 seminar) (2011)

  41. Shangguan, C., Ge, G.: New bounds on the number of tests for disjunct matrices. IEEE Trans. Inf. Theory 62(12), 7518–7521 (2016)

  42. Smith, K.J.C.: Majority Decodable Codes Derived from Finite Geometries. Institute of Statistics Mimeo Series 561 (1967)

  43. Thierry-Mieg, N.: A new pooling strategy for high-throughput screening: the shifted transversal design. BMC Bioinform. 7, 28 (2006)

  44. Ubaru, S., Mazumdar, A.: Multilabel classification with group testing and codes. In: ICML. Proceedings of Machine Learning Research, vol. 70, pp. 3492–3501. PMLR (2017)

  45. Zaverucha, G.M., Stinson, D.R.: Group testing and batch verification. In: Kurosawa, K. (ed.) ICITS 2009. LNCS, vol. 5973, pp. 140–157. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14496-7_12

Acknowledgements

The authors would like to thank Hiroyasu Kubo, Nao Shibata, and Maki Shigeri for implementation, and anonymous reviewers of ESORICS 2019 and Eurocrypt 2019 for their insightful comments.

Author information

Corresponding author: Kazuhiko Minematsu.

A Discussions on Decoder Unforgeability

As in previous work [22, 33], we assume that only the message is corrupted when defining DUF, which is more restrictive than the standard attack model for MACs. The reason is that when a tag is corrupted, the verifier cannot decide whether both the data and the tag are corrupted or only the tag is. This is not a limitation specific to our scheme: it holds for the trivial scheme and for Min15 as well. Excluding tag-only corruption is practical for some use cases. In a storage integrity protection system, MACs are applied to a large storage volume while the tags are usually kept in a small, trusted place (e.g. secure hardware or an isolated server).

Meanwhile, it is also possible to extend our notions to capture tag corruption (which corresponds to false positives in the test outcomes) or approximate detection. This would require extending the notion of disjunctness, as studied in the context of CGT [10, 34, 35, 43]. See also Sect. 3.5 of Min15.
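As an added illustration (written for this page; it is not code from the paper and not its XOR-GTM construction, whose smaller tag size is not reproduced here), the following shows the generic CGT-based corruption detection the abstract describes: a d-disjunct test matrix (Macula's construction [31], my choice), one HMAC-SHA256 per test, and the naive decoder that reports every block not covered by a passing test. The last part of `demo` replays the point of Appendix A: corrupting only the stored tags of the tests that contain a block fails exactly the same tests as corrupting that block, so the decoder returns the same verdict. Key and block contents are constructed.

```python
import hmac
import hashlib
from itertools import combinations

def macula_matrix(m, k, d):
    """Macula's construction [31]: items = k-subsets of range(m), tests = d-subsets,
    test T contains item S iff T <= S.  Rows are tests, columns items; d-disjunct for k >= d."""
    items = [frozenset(s) for s in combinations(range(m), k)]
    tests = [frozenset(t) for t in combinations(range(m), d)]
    return [[t <= s for s in items] for t in tests]

def is_disjunct(matrix, d):
    """Brute force: no column is covered by the union of d others (enables exact decoding)."""
    n = len(matrix[0])
    cols = [{r for r, row in enumerate(matrix) if row[j]} for j in range(n)]
    return all(not cols[j] <= set().union(*(cols[o] for o in others))
               for j in range(n)
               for others in combinations([o for o in range(n) if o != j], d))

def tag_tests(key, matrix, blocks):
    """Generic GTM, one independent MAC per test: HMAC over the member blocks,
    each prefixed with its index so that swapped blocks are caught as well."""
    return [hmac.new(key, b"".join(j.to_bytes(2, "big") + blocks[j]
                                   for j in range(len(blocks)) if row[j]),
                     hashlib.sha256).digest() for row in matrix]

def decode(key, matrix, blocks, stored_tags):
    """Naive CGT decoder: blocks inside a passing test are clean, the rest are
    reported corrupt.  Exact when at most d blocks (and no tags) were changed."""
    fresh = tag_tests(key, matrix, blocks)
    clean = set()
    for row, old, new in zip(matrix, stored_tags, fresh):
        if hmac.compare_digest(old, new):
            clean.update(j for j in range(len(row)) if row[j])
    return set(range(len(blocks))) - clean

def demo(key=b"constructed-demo-key"):
    M = macula_matrix(6, 3, 2)              # 15 tests over 20 blocks, 2-disjunct
    blocks = [bytes([j]) * 4 for j in range(len(M[0]))]   # constructed data
    tags = tag_tests(key, M, blocks)
    damaged = list(blocks)
    damaged[3], damaged[17] = b"xxxx", b"yyyy"
    located = decode(key, M, damaged, tags)              # {3, 17}
    # Appendix A: corrupting only the stored tags of the tests containing block 0
    # fails exactly the tests a corrupted block 0 fails, so the decoder returns the
    # same verdict ({0}) and the verifier cannot tell the two cases apart.
    tag_only = [bytes(32) if row[0] else t for row, t in zip(M, tags)]
    block0 = decode(key, M, [b"zzzz"] + blocks[1:], tags)
    return located, decode(key, M, blocks, tag_only), block0
```

With k = 3 the same matrix is not 3-disjunct, so three corrupted blocks can make the decoder over-report; this is the "at most d" condition that note 1 and the disjunctness discussion refer to.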

Copyright information

© 2019 Springer Nature Switzerland AG

Cite this paper

Minematsu, K., Kamiya, N. (2019). Symmetric-Key Corruption Detection: When XOR-MACs Meet Combinatorial Group Testing. In: Sako, K., Schneider, S., Ryan, P. (eds) Computer Security – ESORICS 2019. ESORICS 2019. Lecture Notes in Computer Science(), vol 11735. Springer, Cham. https://doi.org/10.1007/978-3-030-29959-0_29

  • DOI: https://doi.org/10.1007/978-3-030-29959-0_29

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-29958-3

  • Online ISBN: 978-3-030-29959-0
