MAC Reforgeability

Authors

  • John Black
  • Martin Cochran
Abstract

Message Authentication Codes (MACs) are a central algorithm deployed in virtually every security protocol in common usage. The integrity and authenticity of messages relies entirely on the security of the MAC; we examine cases in which this security is lost. In this paper, we examine the notion of “reforgeability” for MACs. We first give a definition for this new notion, then examine some of the most widely-used and well-known MACs under our definition. We show that for each of these MACs there exists an attack that allows efficient forgeries after the first one is obtained, and we show that simply making these schemes stateful is usually insufficient. For those schemes where adding state is effective, we go one step further to examine how counter misuse affects the security of the MAC, finding, in many cases, simply repeating a single counter value yields complete insecurity. These issues motivated the design of a new scheme, WMAC, which has a number of desirable properties. It is as efficient as the fastest MACs, resists counter misuse, and has tags which may be truncated to the desired length without affecting security (currently, the fastest MACs do not have this property), making it resistant to reforging attacks and arguably the best MAC for constrained

Similar resources

Reforgeability of Authenticated Encryption Schemes

This work pursues the idea of multi-forgery attacks as introduced by Ferguson in 2002. We recoin reforgeability for the complexity of obtaining further forgeries once a first forgery has succeeded. First, we introduce a security notion for the integrity (in terms of reforgeability) of authenticated encryption schemes: j-Int-CTXT, which is derived from the notion INT-CTXT. Second, we define an a...

Multi-channel Medium Access Control Protocols for Wireless Sensor Networks: A Survey

Extensive researches on Wireless Sensor Networks (WSNs) have been performed and many techniques have been developed for the data link (MAC) layer. Most of them assume single-channel MAC protocols. In the usual dense deployment of the sensor networks, single-channel MAC protocols may be deficient because of radio collisions and limited bandwidth. Hence, using multiple channels can significantly ...

Game Theory based Energy Efficient Hybrid MAC Protocol for Lifetime Enhancement of Wireless Sensor Network

Wireless Sensor Networks (WSNs) comprising of tiny, power-constrained nodes are getting very popular due to their potential uses in wide applications like monitoring of environmental conditions, various military and civilian applications. The critical issue in the node is energy consumption since it is operated using battery, therefore its lifetime should be maximized for effective utilization ...

Journal title:
  • IACR Cryptology ePrint Archive

Volume 2006  Issue 

Pages  -

Publication date 2006