Impact of ANSI X9.24-1: 2009 Key Check Value on ISO/IEC 9797-1: 2011 MACs
نویسندگان
چکیده
ANSI X9.24-1:2009 specifies the key check value, which is used to verify the integrity of the blockcipher key. This value is defined as the most significant bits of the ciphertext of the zero block, and is assumed to be publicly known data for verification. ISO/IEC 9797-1:2011 illustrates a total of ten CBC MACs, where one of these MACs, the basic CBC MAC, is widely known to be insecure. In this paper, we consider the remaining nine CBC MACs and derive the quantitative security impact of using the key check value. We first show attacks against five MACs by taking advantage of the knowledge of the key check value. We then prove that the analysis is tight, in a concrete security paradigm. For the remaining four MACs, we prove that the standard birthday bound still holds even with the presence of the key check value. As a result, we obtain a complete characterization of the impact of using ANSI X9.24-1 key check value with the ISO/IEC 9797-1 MACs.
منابع مشابه
New Attacks against Standardized MACs
In this paper, we revisit the security of several message authentication code (MAC) algorithms based on block ciphers, when instantiated with 64-bit block ciphers such as DES. We essentially focus on algorithms that were proposed in the norm ISO/IEC 9797–1. We consider both forgery attacks and key recovery attacks. Our results improve upon the previously known attacks and show that all algorith...
متن کاملDefeating Embedded Cryptographic Protocols by Combining Second-Order with Brute Force
Side-channel analysis is a well-known and efficient hardware technique to recover embedded secrets in microprocessors. Countermeasures relying on random masking have been proven to be sound protections against such threats and are usually added to protect sensitive intermediate data during the algorithm process. However, SecondOrder Side-Channel Analysis have proven to allow secret key recovery...
متن کاملDefeating ISO9797-1 MAC Algo 3 by Combining Side-Channel and Brute Force Techniques
Side-channel analysis is a well-known and efficient hardware technique to recover embedded secrets in microprocessors. Over the past years, the state-of-the-art side-channel attacks has significantly increased, leading to a myriad of vulnerability paths that secure codes must withstand. Nowadays most of the attacks target the cryptographic algorithms, but very few exploit the cryptographic prot...
متن کاملOn the Security of Iterated Message Authentication Codes
The security of iterated message authentication code (MAC) algorithms is considered, and in particular those constructed from unkeyed hash functions. A new MAC forgery attack applicable to all deterministic iterated MAC algorithms is presented, which requires on the order of 2n=2 known text-MAC pairs for algorithms with n bits of internal memory, as compared to the best previous general attack ...
متن کاملAn ISO / IEC 42010 ( IEEE Std 1471 ) Annotated Bibliography
This is an annotated bibliography of papers, reports and books pertaining to ANSI/IEEE Std 1471 (now also published as international standard ISO/IEC 42010). It was originally prepared for ISO/IEC JTC 1/SC 7 WG 42, the Architecture working group of the Systems and Software Engineering Subcommittee of ISO. WG 42 is the body performing the joint ISO and IEEE revision of IEEE 1471 as ISO/IEC 42010...
متن کامل