Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Security and Cryptology

Inscrypt 2008: Information Security and Cryptology pp 96–114Cite as

Security of Truncated MACs

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5487))

Abstract

In all of the MAC standard documents, the tag truncation is defined. Even if a MAC can be proved to be secure in the sense of unforgeability, the truncated MAC may suffer from sudden loss of security. We propose a new notion of robust unforgeability to address this problem, which is strictly stronger than the notion of unforgeability. We also give some generic methods to turn the unforgeable MAC into robustly unforgeable one. Furthermore we propose a notion of variationally XOR universal hash function, which is strictly weaker than the previously proposed notion of variationally universal hash function by Krovetz and Rogaway, to strengthen the security of Wegman-Carter MACs to be robustly unforgeable.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. An, J.H., Bellare, M.: Constructing VIL-mACs from FIL-mACs: Message authentication under weakened assumptions. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 252–269. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  2. Bellare, M.: New proofs for NMAC and HMAC: Security without collision-resistance. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 602–619. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  3. Bellare, M., Goldreich, O., Mityagin, A.: The power of verification queries in message authentication and authenticated encryption. Cryptology ePrint Archive, Report 2004/309 (2004), http://eprint.iacr.org/

  4. Bellare, M., Guérin, R., Rogaway, P.: XOR mACs: New methods for message authentication using finite pseudorandom functions. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 15–28. Springer, Heidelberg (1995)

    Google Scholar 

  5. Bellare, M., Kilian, J., Rogaway, P.: The security of the cipher block chaining message authentication code. Journal of Computer and System Sciences 61, 262–399 (2000)

    Article  MathSciNet  MATH  Google Scholar 

  6. Bellare, M., Ristenpart, T.: Hash functions in the dedicated-key setting: Design choices and MPP transforms. In: Arge, L., Cachin, C., Jurdziński, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol. 4596, pp. 399–410. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  7. Bernstein, D.J.: Floating-point arithmetic and message authentication (1999), http://cr.yp.to/antiforgery/hash127-20040918.pdf

  8. Bernstein, D.J.: The poly1305-AES message-authentication code. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 32–49. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  9. Bernstein, D.J.: Stronger security bounds for wegman-carter-shoup authenticators. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 164–180. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  10. Black, J., Halevi, S., Krawczyk, H., Krovetz, T., Rogaway, P.: UMAC: Fast and secure message authentication. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 216–233. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  11. Black, J., Rogaway, P.: CBC mACs for arbitrary-length messages:The three-key constructions. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 197–215. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  12. Black, J., Rogaway, P.: A block-cipher mode of operation for parallelizable message authentication. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 384–397. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  13. Boesgaard, M., Christensen, T., Zenner, E.: Badger – A fast and provably secure MAC. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 176–191. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  14. Bosselaers, A., Preneel, B. (eds.): RIPE 1992. LNCS, vol. 1007. Springer, Heidelberg (1995)

    Google Scholar 

  15. Carter, J.L., Wegman, M.N.: Universal classes of hash functions. Journal of Computer and System Sciences 18(2), 143–154 (1979)

    Article  MathSciNet  MATH  Google Scholar 

  16. Dodis, Y., Pietrzak, K., Puniya, P.: A new mode of operation for block ciphers and length-preserving MACs. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 198–219. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  17. Dodis, Y., Puniya, P.: Feistel networks made public, and applications. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 534–554. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  18. Etzel, M., Patel, S., Ramzan, Z.: Square hash: Fast message authentication via optimized universal hash functions. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 234–251. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  19. FIPS-133. Federal information processing standards publication (FIPS 133). computer data authentication (1985)

    Google Scholar 

  20. FIPS-198. The keyed-hash message authentication code. Federal Information Processing Standards Publication (FIPS PUB) 198 (2002)

    Google Scholar 

  21. Halevi, S., Krawczyk, H.: MMH: Software message authentication in the Gbit/second rates. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 172–189. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  22. ISO/IEC. ISO/IEC 9797-1, information technology security techniques message authentication codes (MACs) part 1: Mechanisms using a block cipher (1997)

    Google Scholar 

  23. ISO/IEC. ISO/IEC 9797-2, information technology security techniques message authentication codes (MACs) part 2: Mechanisms using a hash-function (2002)

    Google Scholar 

  24. Iwata, T., Kurosawa, K.: OMAC: One-key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  25. Jaulmes, É., Joux, A., Valette, F.: On the security of randomized CBC-MAC beyond the birthday paradox limit: A new construction. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 237–251. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  26. Krawczyk, H., Bellare, M., Canetti, R.: HMAC: Keyed-hashing for message authentication. RFC 2104 (1997)

    Google Scholar 

  27. Krovetz, T.: Message authentication on 64-bit architectures. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 327–341. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  28. Krovetz, T., Rogaway, P.: Variationally universal hashing. Information Processing Letters 100(1), 36–39 (2006)

    Article  MathSciNet  MATH  Google Scholar 

  29. Maurer, U.M., Sjödin, J.: Domain expansion of mACs: Alternative uses of the FIL-MAC. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 168–185. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  30. Maurer, U.M., Sjödin, J.: Single-key AIL-mACs from any FIL-MAC. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 472–484. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  31. Naor, M., Reingold, O.: From unpredictability to indistinguishability: A simple construction of pseudo-random functions from MACs (extended abstract). In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 267–282. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  32. NIST. Recommendation for block cipher modes of operation: The CMAC mode for authentication. NIST Special Publication 800-38B (2005), http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf

  33. Petrank, E., Rackoff, C.: CBC MAC for real-time data sources. Journal of Cryptology 13(3), 315–338 (2000)

    Article  MathSciNet  MATH  Google Scholar 

  34. Rogaway, P.: Bucket hashing and its application to fast message authentication. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 29–42. Springer, Heidelberg (1995)

    Google Scholar 

  35. Shoup, V.: On fast and provably secure message authentication based on universal hashing. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 313–328. Springer, Heidelberg (1996)

    Google Scholar 

  36. Wegman, M.N., Carter, L.: New hash functions and their use in authentication and set equality. Journal of Computer and System Sciences 22(3), 265–279 (1981)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. State Key Laboratory of Information Security, Graduate University of Chinese Academy of Sciences, Beijing, 100049, China

    Peng Wang & Changlu Lin

  2. State Key Laboratory of Information Security, Institution of Software of Chinese Academy of Sciences, Beijing, 100080, China

    Dengguo Feng & Wenling Wu

  3. Key Laboratory of Network Security and Cryptology, Fujian Normal University, Fujian, 350007, China

    Changlu Lin

Authors
  1. Peng Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dengguo Feng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Changlu Lin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Wenling Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, Google Inc. and Columbia University, Room 464, S.W. Mudd Building, 10027, New York, NY, USA

    Moti Yung

  2. College of Information Sciences and Technology, Pennsylvania State University, PA 16802, University Park, USA

    Peng Liu

  3. SKLOIS, Institute of Software, Chinese Academy of Sciences, 100080, Beijing, China

    Dongdai Lin

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wang, P., Feng, D., Lin, C., Wu, W. (2009). Security of Truncated MACs. In: Yung, M., Liu, P., Lin, D. (eds) Information Security and Cryptology. Inscrypt 2008. Lecture Notes in Computer Science, vol 5487. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01440-6_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-01440-6_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-01439-0

  • Online ISBN: 978-3-642-01440-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation