Badger - A Fast and Provably Secure MAC
نویسندگان
چکیده
We present Badger, a new fast and provably secure MAC based on universal hashing. In the construction, a modified tree hash that is more efficient than standard tree hash is used and its security is being proven. Furthermore, in order to derive the core hash function of the tree, we use a novel technique for reducing ∆-universal function families to universal families. The resulting MAC is very efficient on standard platforms both for short and long messages. As an example, for a 64-bit tag, it achieves performances up to 2.2 and 1.2 clock cycles per byte on a Pentium III and Pentium 4 processor, respectively. The forgery probability is at most 2.
منابع مشابه
Artemia: a family of provably secure authenticated encryption schemes
Authenticated encryption schemes establish both privacy and authenticity. This paper specifies a family of the dedicated authenticated encryption schemes, Artemia. It is an online nonce-based authenticated encryption scheme which supports the associated data. Artemia uses the permutation based mode, JHAE, that is provably secure in the ideal permutation model. The scheme does not require the in...
متن کاملEvaluation of Badger
Executive summary In this document we present the results of a security analysis of the MAC function Badger. Badger is designed following the approach of universal hash functions. This approach allows to make very precise statements about the security level obtained. More importantly, the approach allows to construct clear mathematical proofs. We verified and confirmed the correctness of all th...
متن کاملProvably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is ...
متن کاملCorrection to “On the Security of Two New OMAC Variants”
OMAC is a provably secure MAC scheme which NIST cur rently intends to specify as the modes recommendation. In August 2003, Mitchell proposed a variant of OMAC. We call it OMAC1"" . In this pa per, we prove that OMAC1"" is less secure than original OMAC1. We show a security gap between them. As a result, we obtain a negative answer to Mitchell’s open question — OMAC1"" is not provably secure e...
متن کاملOn the Security of a MAC by Mitchell
Tetsu IWATA †a) and Kaoru KUROSAWA †b) , Members SUMMARY OMAC is a provably secure MAC scheme proposed by Iwata and Kurosawa [10]. NIST currently intends to specify OMAC as the modes recommendation. In August 2003, Mitchell published a note " On the security of XCBC, TMAC and OMAC " to propose a new variant of OMAC [16]. We call it OMAC1. In this paper, we prove that OMAC1 is less secure than t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2004 شماره
صفحات -
تاریخ انتشار 2004