On families of hash functions via geometric codes and concatenation
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Universal hashing and authentication codes
Designs, Codes and Cryptography
UMAC: Fast and Secure Message Authentication
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
SQUARE HASH: Fast Message Authenication via Optimized Universal Hash Functions
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
A Chosen Text Attack on The Modified Cryptographic Checksum Algorithm of Cohen and Huang
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
LFSR-based Hashing and Authentication
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
MMH: Software Message Authentication in the Gbit/Second Rates
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Energy Scalable Universal Hashing
IEEE Transactions on Computers
Message authentication on 64-bit architectures
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
The Poly1305-AES message-authentication code
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
New proofs for NMAC and HMAC: security without collision-resistance
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Improving the security of MACs via randomized message preprocessing
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
An improved memory integrity protection scheme
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Cryptography for network security: failures, successes and challenges
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
E-MACs: towards more secure and more efficient constructions of secure channels
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Grain-128a: a new version of Grain-128 with optional authentication
International Journal of Wireless and Mobile Computing
Analysis of the initial and modified versions of the candidate 3GPP integrity algorithm 128-EIA3
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Lightweight integrity for XOR network coding in wireless sensor networks
ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
Energy efficient authentication strategies for network coding
Concurrency and Computation: Practice & Experience
International Journal of Communication Systems
Authenticated encryption: how reordering can impact performance
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Γ-MAC[H, P]: a new universal MAC scheme
WEWoRC'11 Proceedings of the 4th Western European conference on Research in Cryptology
Cycling attacks on GCM, GHASH and other polynomial MACs and hashes
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Short-Output universal hash functions and their use in fast and secure data authentication
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
On security of universal hash function based multiple authentication
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
| Hi-index | 0.00 |
This paper discusses key recovery and universal forgery attacks on several MAC algorithms based on universal hash functions. The attacks use a substantial number of verification queries but eventually allow for universal forgeries instead of existential or multiple forgeries. This means that the security of the algorithms completely collapses once a few forgeries are found. Some of these attacks start off by exploiting a weak key property, but turn out to become full-fledged divide and conquer attacks because of the specific structure of the universal hash functions considered. Partial information on a secret key can be exploited too, in the sense that it renders some key recovery attacks practical as soon as a few key bits are known. These results show that while universal hash functions offer provable security, high speeds and parallelism, their simple combinatorial properties make them less robust than conventional message authentication primitives.