Collision Attacks on AES-Based MAC: Alpha-MAC

Authors:
Alex Biryukov;Andrey Bogdanov;Dmitry Khovratovich;Timo Kasper
Affiliations:
University of Luxemburg, Luxemburg,;Chair for Communication Security, Ruhr-University Bochum, Germany;University of Luxemburg, Luxemburg,;Chair for Communication Security, Ruhr-University Bochum, Germany
Venue:
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Year:
2007

Citing 8
Cited 4

The Design of Rijndael

The Design of Rijndael
Blind differential cryptanalysis for enhanced power attacks

SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
On the internal structure of ALPHA-MAC

VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
A new MAC construction alred and a specific instance ALPHA-MAC

FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
A side-channel analysis resistant description of the AES s-box

FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Cache attacks and countermeasures: the case of AES

CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
An AES smart card implementation resistant to power analysis attacks

ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
An efficient masking scheme for AES software implementations

WISA'05 Proceedings of the 6th international conference on Information Security Applications

Multiple-Differential Side-Channel Collision Attacks on AES

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Differential Cluster Analysis

CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Towards Secure and Practical MACs for Body Sensor Networks

INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Revisiting the security of the ALRED design

ISC'10 Proceedings of the 13th international conference on Information security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Message Authentication Code construction Alred and its AES-based instance Alpha-MAC were introduced by Daemen and Rijmen in 2005. We show that under certain assumptions about its implementation (namely that keyed parts are perfectly protected against side-channel attacks but bulk hashing rounds are not) one can efficiently attack this function. We propose a side-channel collision attack on this MAC recovering its internal state just after 29 measurements in the known-message scenario which is to be compared to 40 measurements required by collision attacks on AES in the chosen-plaintext scenario. Having recovered the internal state, we mount a selective forgery attack using new 4 to 1 round collisions working with negligible memory and time complexity.