Differential Attack on Message Authentication Codes
نویسندگان
چکیده
We discuss the security of Message Authentication Code (MAC) schemes from the viewpoint of differential attack, and propose an attack that is effective against DES-MAC and FEAL-MAC. The attack derives the secret authentication key in the chosen plaintext scenario. For example, DES(8-round)-MAC can be broken with 2 pairs of plaintext, while FEAL8-MAC can be broken with 2 pairs. The proposed attack is applicable to any MAC scheme, even if the 32-bits are randomly selected from among the 64-bits of ciphertext generated by a cryptosystem vulnerable to differential attack in the chosen plaintext scenario.
منابع مشابه
A MAC Forgery Attack on SOBER-128
SOBER-128 is a stream cipher designed by Rose and Hawkes in 2003. It can be also used for generating Message Authentication Codes (MACs) and an authenticated encryption. The developers claimed that it is difficult to forge MACs generated by both functions of SOBER128, though, the security assumption in the proposal paper is not realistic in some instances. In this paper, we examine the security...
متن کاملAnalysis and design of block cipher constructions
This thesis is dedicated to symmetric cryptographic algorithms. The major focus of the work is on block ciphers themselves as well as on hash functions and message authentication codes based on block ciphers. Three main approaches to the cryptanalysis of symmetric cryptographic algorithms are pursued. First, several block cipher constructions are analyzed mathematically using statistical crypta...
متن کاملTruncation attacks on MACs
A new type of attack on Message Authentication Codes (MACs) is introduced which takes advantage of possible weaknesses in interfaces to hardware security modules. In particular, if a module does not fix the degree of MAC truncation employed, then potentially serious attacks are possible.
متن کاملA replay-attack resistant message authentication scheme using time-based keying hash functions and unique message identifiers
Hash-based message authentication codes are an extremely simple yet hugely effective construction for producing keyed message digests using shared secrets. HMACs have seen widespread use as ad-hoc digital signatures in many Internet applications. While messages signed with an HMAC are secure against sender impersonation and tampering in transit, if used alone they are susceptible to replay atta...
متن کاملBounds on authentication systems in query mode
Unconditionally secure authentication codes provide information theoretic security against an adversary who observes authenticated messages and then wants to construct a fraudulent message that is acceptable by the receiver. The attack model for these codes has recently been strengthened and adaptive adversaries with oracle access have been introduced. In this paper we give an analysis of this ...
متن کامل