Key Recovery and Forgery Attacks on the MacDES MAC Algorithm
نویسندگان
چکیده
We describe a series of new attacks on a CBC-MAC algorithm due to Knudsen and Preneel including two key recovery attacks and a forgery attack. Unlike previous attacks, these techniques will work when the MAC calculation involves prefixing the data to be MACed with a ‘length block’. These attack methods provide new (tighter) upper bounds on the level of security offered by the MacDES technique.
منابع مشابه
New attacks on the MacDES MAC Algorithm
Two new attacks are given on a CBC-MAC algorithm due to Knudsen and Preneel, 2], which is in the nal stages of being standardised as MAC Algorithm 4 in ISO/IEC FDIS 9797{1. The attacks are signiicantly more eecient than previously known attacks, which means that the inclusion of this scheme in the standard will need to be reconsidered.
متن کاملKey-Recovery Attacks on Universal Hash Function Based MAC Algorithms
This paper discusses key recovery and universal forgery attacks on several MAC algorithms based on universal hash functions. The attacks use a substantial number of verification queries but eventually allow for universal forgeries instead of existential or multiple forgeries. This means that the security of the algorithms completely collapses once a few forgeries are found. Some of these attack...
متن کاملOn Message Authentication in 4G LTE System
After decades of evolution, the cellular system has become an indispensable part of modern life. Together with the convenience brought by the cellular system, many security issues have arisen. Message integrity protection is one of the urgent problems. The integrity of a message is usually protected by message authentication code (MAC). Forgery attacks are the primary threat to message integrit...
متن کاملCryptanalysis of Message Authentication Codes
This paper gives a survey of attacks on Message Authentication Codes (MACs). First it defines the required security properties. Next it describes generic forgery and key recovery attacks on MACs. Subsequently an overview is presented of most MAC constructions and on attacks on these algorithms. The MACs described include CBC-MAC and its variants, the MAC algorithms derived from cryptographic ha...
متن کاملCryptanalysis of HMAC/NMAC-Whirlpool
In this paper, we present universal forgery and key recovery attacks on the most popular hash-based MAC constructions, e.g., HMAC and NMAC, instantiated with an AES-like hash function Whirlpool. These attacks work with Whirlpool reduced to 6 out of 10 rounds in single-key setting. To the best of our knowledge, this is the first result on “original” key recovery for HMAC (previous works only suc...
متن کامل