An Efficient MAC for Short Messages
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
Constructing VIL-MACsfrom FIL-MACs: Message Authentication under Weakened Assumptions
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
MDx-MAC and Building Fast MACs from Hash Functions
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Full key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
A simple variant of the Merkle-Damgård scheme with a permutation
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Boosting Merkle-Damgård hashing for message authentication
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
A new mode of operation for block ciphers and length-preserving MACs
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
New key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Security of NMAC and HMAC based on non-malleability
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
A failure-friendly design principle for hash functions
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Single-key AIL-MACs from any FIL-MAC
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Merkle-Damgård revisited: how to construct a hash function
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Second preimages on n-bit hash functions for much less than 2n work
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
On the security of HMAC and NMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (extended abstract)
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
New proofs for NMAC and HMAC: security without collision-resistance
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Hash functions in the dedicated-key setting: design choices and MPP transforms
ICALP'07 Proceedings of the 34th international conference on Automata, Languages and Programming
Constructing rate-1 MACs from related-key unpredictable block ciphers: PGV model revisited
FSE'10 Proceedings of the 17th international conference on Fast software encryption
Hi-index | 0.00 |
We present a CBC (cipher block chaining)-like mode of operation for MACs (message authentication codes) using a hash function. The new construction iCBC (imbalanced CBC) does not follow the Merkle-Damgård design but rather iterates the underlying compression function directly in a CBC-like manner. Many of the prior MAC constructions, including HMAC, assume PRF (pseudo-random function) properties of the underlying primitive. In contrast, our iCBC-MAC makes only a PP-MAC (privacy-preserving MAC) assumption about the compression function. Despite the fact that PP-MAC is a strictly weaker requirement than PRF, iCBC-MAC works with a single key like HMAC and runs as efficiently as HMAC. Moreover, iCBC-MAC becomes even faster than HMAC, depending on the choice of security parameters. Additionally, iCBC-MAC is multi-property-preserving in the sense that it operates as a domain extender for both PP-MACs and PRFs.