How to construct pseudo-random permutations from pseudo-random functions
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Hash functions based on block ciphers: a synthetic approach
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Constructing VIL-MACsfrom FIL-MACs: Message Authentication under Weakened Assumptions
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CBC MACs for Arbitrary-Length Messages: The Three-Key Constructions
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
A Block-Cipher Mode of Operation for Parallelizable Message Authentication
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
On the Security of Randomized CBC-MAC Beyond the Birthday Paradox Limit: A New Construction
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
On the Unprovable Security of 2-Key XCBC
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
A Single-Key Domain Extender for Privacy-Preserving MACs and PRFs
Information Security and Cryptology --- ICISC 2008
A Double-Piped Mode of Operation for MACs, PRFs and PROs: Security beyond the Birthday Barrier
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Fast and Secure CBC-Type MAC Algorithms
Fast Software Encryption
Distinguisher and Related-Key Attack on the Full AES-256
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Message Authentication Codes from Unpredictable Block Ciphers
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
A theoretical treatment of related-key attacks: RKA-PRPS, RKA-PRFs, and applications
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
A simple variant of the Merkle-Damgård scheme with a permutation
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
A new mode of operation for block ciphers and length-preserving MACs
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
A related-key rectangle attack on the full KASUMI
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Single-key AIL-MACs from any FIL-MAC
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Related-mode attacks on block cipher modes of operation
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part III
Merkle-Damgård revisited: how to construct a hash function
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
New proofs for NMAC and HMAC: security without collision-resistance
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Hash functions in the dedicated-key setting: design choices and MPP transforms
ICALP'07 Proceedings of the 34th international conference on Automata, Languages and Programming
BCBC: a more efficient MAC algorithm
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
Hi-index | 0.00 |
Almost all current block-cipher-based MACs reduce their security to the pseudorandomness of their underlying block ciphers, except for a few of them to the unpredictability, a strictly weaker security notion than pseudorandomness. However, the latter MACs offer relatively low efficiency. In this paper, we investigate the feasibility of constructing rate-1 MACs from related-key unpredictable block ciphers. First, we show all the existing rate-1 MACs are insecure when instantiated with a special kind of related-key unpredictable block cipher. The attacks on them inspire us to propose an assumption that all the chaining values are available to adversaries for theoretically analyzing such MACs. Under this assumption, we study the security of 64 rate-1 MACs in keyed PGV model, and find that 1) 15 MACs are meaningless; 2) 25 MACs are vulnerable to three kinds of attacks respectively and 3) 24 MACs are provably secure when their underlying block ciphers are related-key unpredictable. Furthermore, we refine these 24 provably secure rate-1 MACs in Compact PGV model by removing a useless parameter away, and find that the resulting 6 provably secure MACs are in fact equivalent to each other. In the aspect of efficiency, however, the low rate of these secure MACs does not necessarily mean they can run faster than none rate-1 one MACs, due to their large number of key schedules.