3kf9: Enhancing 3GPP-MAC beyond the Birthday Bound

نویسندگان

  • Liting Zhang
  • Wenling Wu
  • Han Sui
  • Peng Wang
چکیده

Among various cryptographic schemes, CBC-based MACs belong to the few ones most widely used in practice. Such MACs iterate a blockcipher EK in the so called Cipher-Block-Chaining way, i.e. Ci = EK(Mi⊕Ci−1) , offering high efficiency in practical applications. In the paper, we propose a new deterministic variant of CBC-based MACs that is provably secure beyond the birthday bound. The new MAC 3kf9 is obtained by combining f9 (3GPP-MAC) and EMAC sharing the same internal structure, and so it is almost as efficient as the original CBC MAC. 3kf9 offers O( l q 22n + lq 2n ) PRF-security when its underlying n-bit blockcipher is pseudorandom with three independent keys. This makes it more secure than traditional CBC-based MACs, especially when they are applied with lightweight blockciphers. Therefore, 3kf9 is expected to be a possible candidate MAC in resource-restricted environments.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

One-key Double-Sum MAC with Beyond-Birthday Security

MACs (Message Authentication Codes) are widely adopted in communication systems to ensure data integrity and data origin authentication, e.g. CBC-MACs in the ISO standard 9797-1. However, all the current designs either suffer from birthday attacks or require long key sizes. In this paper, we focus on designing beyond-birthday-bound MAC modes with a single key, and investigate their design princ...

متن کامل

Building Single-Key Beyond Birthday Bound Message Authentication Code

MACs (Message Authentication Codes) are widely adopted in communication systems to ensure data integrity and data origin authentication, e.g. CBC-MACs in the ISO standard 9797-1. However, all the current designs based on block cipher either suffer from birthday attacks or require long key sizes. In this paper, we focus on designing single keyed block cipher based MAC achieving beyond-birthday-b...

متن کامل

Lifting the Security of NI-MAC Beyond Birthday Bound

In CRYPTO 1999, J. An and M. Bellare proposed a MerkleDamg̊ard iteration based MAC construction called NI-MAC in order to avoid constant re-keying on multiblock messages in NMAC and to ease the security proof. In CRYPTO 2014, Gazi et al. revisited the proof of NI-MAC in the view of structure graph introduced by Bellare et al. in CRYPTO 2005 and gave a tight bound of order lq 2 2n , which is an i...

متن کامل

One-Key Compression Function Based MAC with Security Beyond Birthday Bound

Gaži et al. [CRYPTO 2014] analyzed the NI-MAC construction proposed by An and Bellare [CRYPTO 1999] and gave a tight birthday-bound ofO(`q/2), as an improvement over the previous bound of O(`q/2). In this paper, we design a simple extension of NI-MAC, called NI-MAC, and prove that it has security bound beyond birthday (BBB) of order O(q`/2) provided ` ≤ 2. Our construction not only lifts the se...

متن کامل

Tweakable Blockciphers with Beyond Birthday-Bound Security

Liskov, Rivest and Wagner formalized the tweakable blockcipher (TBC) primitive at CRYPTO’02. The typical recipe for instantiating a TBC is to start with a blockcipher, and then build up a construction that admits a tweak. Almost all such constructions enjoy provable security only to the birthday bound, and the one that does achieve security beyond the birthday bound (due to Minematsu) severely ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2012