Skip to main content
SpringerLink
Log in

A Single-Key Domain Extender for Privacy-Preserving MACs and PRFs

  • Conference paper
Information Security and Cryptology – ICISC 2008 (ICISC 2008)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5461))

Included in the following conference series:

Abstract

We present a CBC (cipher block chaining)-like mode of operation for MACs (message authentication codes) using a hash function. The new construction iCBC (imbalanced CBC) does not follow the Merkle-Damgård design but rather iterates the underlying compression function directly in a CBC-like manner. Many of the prior MAC constructions, including HMAC, assume PRF (pseudo-random function) properties of the underlying primitive. In contrast, our iCBC-MAC makes only a PP-MAC (privacy-preserving MAC) assumption about the compression function. Despite the fact that PP-MAC is a strictly weaker requirement than PRF, iCBC-MAC works with a single key like HMAC and runs as efficiently as HMAC. Moreover, iCBC-MAC becomes even faster than HMAC, depending on the choice of security parameters. Additionally, iCBC-MAC is multi-property-preserving in the sense that it operates as a domain extender for both PP-MACs and PRFs.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)

    Google Scholar 

  2. Bellare, M.: New proofs for NMAC and HMAC: Security without collision resistance. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 602–619. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  3. Kim, J., Biryukov, A., Preneel, B., Hong, S.: On the security of HMAC and NMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (Extended abstract). In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 242–256. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  4. Contini, S., Yin, Y.L.: Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 37–53. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  5. Fouque, P.A., Leurent, G., Nguyen, P.Q.: Full key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 13–30. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  6. Wang, L., Ohta, K., Kunihiro, N.: New key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 237–253. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  7. An, J.H., Bellare, M.: Constructing VIL-MACs from FIL-MACs: Message authentication under weakened assumptions. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 252–269. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  8. Maurer, U.M., Sjödin, J.: Single-key AIL-MACs from any FIL-MAC. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 472–484. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  9. Joux, A.: Multicollisions in iterated hash functions. Application to cascaded constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  10. Kelsey, J., Schneier, B.: Second preimages on n-bit hash functions for much less than 2n work. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 474–490. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  11. Coron, J.S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damgård revisited: How to construct a hash function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 430–448. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  12. Lucks, S.: A failure-friendly design principle for hash functions. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 474–494. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  13. Bellare, M., Ristenpart, T.: Hash functions in the dedicated-key setting: Design choices and MPP transforms. In: Arge, L., Cachin, C., Jurdziński, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol. 4596, pp. 399–410. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  14. Fischlin, M.: Security of NMAC and HMAC based on non-malleability. In: Malkin, T.G. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 138–154. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  15. Yasuda, K.: Boosting Merkle-Damgård hashing for message authentication. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 216–231. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  16. Hirose, S., Park, J.H., Yun, A.: A simple variant of the Merkle-Damgård scheme with a permutation. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 113–129. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  17. Dodis, Y., Pietrzak, K., Puniya, P.: A new mode of operation for block ciphers and length-preserving MACs. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 198–219. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  18. Iwata, T., Kurosawa, K.: OMAC: One-key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  19. Patel, S.: An efficient MAC for short messages. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 353–368. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  20. Bellare, M., Goldreich, O., Mityagin, A.: The power of verification queries in message authentication and authenticated encryption. Cryptology ePrint Archive: Report 2004/304 (2004)

    Google Scholar 

  21. Preneel, B., van Oorschot, P.C.: MDx-MAC and Building Fast MACs from Hash Functions. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 1–14. Springer, Heidelberg (1995)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. NTT Information Sharing Platform Laboratories, NTT Corporation, 3-9-11 Midoricho Musashino-shi, Tokyo, 180-8585, Japan

    Kan Yasuda

Authors
  1. Kan Yasuda
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Electronic and Electrical Engineering, Pohang University of Science and Technology (POSTECH), San 31 Hyoja-dong, Nam-gu,, 790-784, Pohang, Kyungbuk, Korea

    Pil Joong Lee

  2. Department of Mathematical Sciences, Seoul National University, 599 Gwanakno, Gwanak-gu, 151-742, Seoul, Korea

    Jung Hee Cheon

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yasuda, K. (2009). A Single-Key Domain Extender for Privacy-Preserving MACs and PRFs. In: Lee, P.J., Cheon, J.H. (eds) Information Security and Cryptology – ICISC 2008. ICISC 2008. Lecture Notes in Computer Science, vol 5461. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00730-9_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-00730-9_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-00729-3

  • Online ISBN: 978-3-642-00730-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation