Combinatorial techniques for universal hashing
Journal of Computer and System Sciences
On families of hash functions via geometric codes and concatenation
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
UMAC: Fast and Secure Message Authentication
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Universal Hashing and Authentication Codes
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
LFSR-based Hashing and Authentication
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Bucket Hashing and its Application to Fast Message Authentication
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
On Fast and Provably Secure Message Authentication Based on Universal Hashing
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Universal Hashing and Multiple Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
MMH: Software Message Authentication in the Gbit/Second Rates
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Message authentication codes
Key-Recovery Attacks on Universal Hash Function Based MAC Algorithms
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Fast Software Encryption
New hash functions for message authentication
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
The Poly1305-AES message-authentication code
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Stronger security bounds for Wegman-Carter-Shoup authenticators
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Universal hash function based multiple authentication was originally proposed by Wegman and Carter in 1981. In this authentication, a series of messages is authenticated by first hashing each message with a fixed (almost) strongly universal$_2$ hash function and then encrypting the hash value with a preshared one-time pad. This authentication is unconditionally secure. In this paper, we show that the unconditional security cannot be guaranteed if the hash function output for the first message is not encrypted, as remarked in [1]. This means that it is not only sufficient, but also necessary, to encrypt the hash of every message to be authenticated in order to have unconditional security. The security loss is demonstrated by a simple existential forgery attack. The impact of the attack is also discussed at the end.
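The construction described in the abstract, as an added example that is not code from the paper: one fixed hash key authenticates a series of messages, and every hash value, the first included, is encrypted with its own one-time pad. The field Z_P with P = 2^61 - 1, the hash family a*m + b mod P, pad encryption by addition mod P, and the names `SharedKey`, `Sender` and `Receiver` are assumptions chosen for illustration.

```python
import hmac
import secrets

P = (1 << 61) - 1  # Mersenne prime; messages, hash values and pads are in Z_P


class SharedKey:
    """Preshared secret: one fixed hash key (a, b) and one pad per message."""

    def __init__(self, n_messages):
        self.a = secrets.randbelow(P)
        self.b = secrets.randbelow(P)
        self.pads = [secrets.randbelow(P) for _ in range(n_messages)]

    def hash(self, m):
        # h(m) = a*m + b mod P: a strongly universal_2 family over Z_P
        if not 0 <= m < P:
            raise ValueError("message must be an integer in [0, P)")
        return (self.a * m + self.b) % P

    def tag(self, i, m):
        # Every hash value is encrypted, the first (i = 0) included.
        return (self.hash(m) + self.pads[i]) % P


class Sender:
    def __init__(self, key):
        self.key, self.next_pad = key, 0

    def authenticate(self, m):
        i = self.next_pad
        if i >= len(self.key.pads):
            raise RuntimeError("one-time pads exhausted; never reuse a pad")
        self.next_pad += 1
        return i, self.key.tag(i, m)


class Receiver:
    def __init__(self, key):
        self.key, self.accepted = key, set()

    def verify(self, i, m, t):
        if not 0 <= i < len(self.key.pads) or i in self.accepted:
            return False  # unknown pad index, or pad already consumed (replay)
        if not (0 <= m < P and 0 <= t < P):
            return False  # reject out-of-range messages and non-canonical tags
        expected = self.key.tag(i, m).to_bytes(8, "big")
        if not hmac.compare_digest(expected, t.to_bytes(8, "big")):
            return False
        self.accepted.add(i)  # a pad is consumed only by an accepted message
        return True
```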