
Aggregate message authentication codes (AMACs) with on-the-fly verification

  • Regular Contribution
International Journal of Information Security

Abstract

Aggregate message authentication codes (AMACs) merge multiple authenticators for multiple receivers in multicast networks. We investigate this security notion, revise the definition, derive the lower bound, and present a generic construction through Bloom filters. Unlike prior research, we focus especially on a new property of AMACs, on-the-fly verification: given the aggregated tag, each single message can be verified without obtaining the other messages, i.e., verifying a single message has time complexity \(\mathcal{O}(1)\), compared to regular MAC schemes. We derive the security lower bound for this type of AMAC and present a generic approach to build such schemes from essentially any standard MAC scheme using the Bloom filter technique. Moreover, we achieve the theoretical lower bound on security strength by adopting optimal compressed Bloom filters.
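As an added illustration of the idea in the abstract (not the authors' construction or code), the following example inserts each receiver's MAC tag into one uncompressed Bloom filter and lets a receiver verify its own message by testing k bits. HMAC-SHA256, the parameters m = 2048 and k = 4, the index derivation, and the demo keys and messages are all assumptions.

```python
import hashlib
import hmac

M_BITS, K_HASHES = 2048, 4  # assumed filter size m and hash count k

def mac(key: bytes, msg: bytes) -> bytes:
    """Underlying standard MAC (HMAC-SHA256 chosen for this example)."""
    return hmac.new(key, msg, hashlib.sha256).digest()

def positions(tag: bytes, m: int, k: int) -> list[int]:
    """Map a MAC tag to k bit positions (this derivation is an assumption)."""
    return [int.from_bytes(hashlib.sha256(bytes([i]) + tag).digest()[:8], "big") % m
            for i in range(k)]

def aggregate(pairs, m=M_BITS, k=K_HASHES) -> bytearray:
    """Sender: insert the tag of every (key, message) pair into one filter."""
    bits = bytearray(m // 8)
    for key, msg in pairs:
        for p in positions(mac(key, msg), m, k):
            bits[p >> 3] |= 1 << (p & 7)
    return bits

def verify(bits, key, msg, m=M_BITS, k=K_HASHES) -> bool:
    """Receiver: recompute own tag and test k bits; no other message needed."""
    return all((bits[p >> 3] >> (p & 7)) & 1 for p in positions(mac(key, msg), m, k))

def p0(m: int, k: int, n: int) -> float:
    """Expected fraction of zero bits after n insertions (Note 2's p_0)."""
    return (1 - 1 / m) ** (k * n)

def false_accept(m: int, k: int, n: int) -> float:
    """Chance a tag never inserted still passes (uncompressed-filter rate)."""
    return (1 - p0(m, k, n)) ** k

def zero_fraction(bits) -> float:
    """Measured fraction of zero bits in an aggregate."""
    return 1 - sum(bin(b).count("1") for b in bits) / (len(bits) * 8)

# Constructed demo data: 8 receivers, one key and one message each.
PAIRS = [(hashlib.sha256(b"demo-key-%d" % i).digest(), b"reading-%d" % i)
         for i in range(8)]
AGG = aggregate(PAIRS)

if __name__ == "__main__":
    key, msg = PAIRS[3]
    print(verify(AGG, key, msg), verify(AGG, key, b"reading-X"))
    print(round(zero_fraction(AGG), 4), round(p0(M_BITS, K_HASHES, 8), 4))
    print(false_accept(M_BITS, K_HASHES, 8), false_accept(64, K_HASHES, 8))
```

With the same eight tags in a 64-bit filter, `false_accept` rises to about 0.025: a smaller aggregate is easier to forge against.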

Notes

  1. \(H(x)=-x\log _2x-(1-x)\log _2(1-x)\) for \(0 \le x\le 1\).

  2. \(p_0=(1-1/m)^{kn}\approx e^{-kn/m}\).

  3. \(H(p_0)=H(p_1)\) if \(p_1=1-p_0\).

  4. The false positive rate of CBF is \(f_p=(1-p_0)^{\frac{z\ln p_0}{nH(p_0)}}\).

  5. Note that \(\beta \le nk/m\) since there are at most \(nk\) hash outputs in each Bloom filter.


Correspondence to Yu-Shian Chen.

Chen, YS., Lei, CL. Aggregate message authentication codes (AMACs) with on-the-fly verification. Int. J. Inf. Secur. 12, 495–504 (2013). https://doi.org/10.1007/s10207-013-0202-0

  • DOI: https://doi.org/10.1007/s10207-013-0202-0
