How to construct random functions
Journal of the ACM (JACM)
UMAC: Fast and Secure Message Authentication
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
How to Protect DES Against Exhaustive Key Search
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
On the security of two MAC algorithms
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Risks with Raw-Key Masking - The Security Evaluation of 2-Key XCBC
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
New Paradigms for Constructing Symmetric Encryption Schemes Secure against Chosen-Ciphertext Attack
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
A Block-Cipher Mode of Operation for Parallelizable Message Authentication
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Optimized Self-Synchronizing Mode of Operation
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
On the Security of Randomized CBC-MAC Beyond the Birthday Paradox Limit: A New Construction
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
On the Unprovable Security of 2-Key XCBC
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Two New Efficient CCA-Secure Online Ciphers: MHCBC and MCBC
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Information Security and Cryptology
Distinguishing and Second-Preimage Attacks on CBC-Like MACs
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
The price of security in wireless sensor networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
A unified method for improving PRF bounds for a class of blockcipher based MACs
FSE'10 Proceedings of the 17th international conference on Fast software encryption
Constructing rate-1 MACs from related-key unpredictable block ciphers: PGV model revisited
FSE'10 Proceedings of the 17th international conference on Fast software encryption
Cryptography for network security: failures, successes and challenges
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
BCBC: a more efficient MAC algorithm
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
A new variant of PMAC: beyond the birthday bound
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
A simple and unified method of proving indistinguishability
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
A new MAC construction alred and a specific instance ALPHA-MAC
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
How to enhance the security of the 3GPP confidentiality and integrity algorithms
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Provably secure MACs from differentially-uniform permutations and AES-Based implementations
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
TrCBC: Another look at CBC-MAC
Information Processing Letters
Improved security analyses for CBC MACs
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
EME*: extending EME to handle arbitrary-length messages with associated data
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
New proofs for NMAC and HMAC: security without collision-resistance
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
A provable-security treatment of the key-wrap problem
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Forgery and key recovery attacks on PMAC and mitchell's TMAC variant
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
The sum of CBC MACs is a secure PRF
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Practical schemes for privacy and security enhanced RFID
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Partial key recovery attacks on XCBC, TMAC and OMAC
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
PRF domain extension using DAGs
TCC'06 Proceedings of the Third conference on Theory of Cryptography
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
PMAC with parity: minimizing the query-length influence
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
SP 800-38B. Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication
SP 800-38B. Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication
New bounds for PMAC, TMAC, and XCBC
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Γ-MAC[H, P]: a new universal MAC scheme
WEWoRC'11 Proceedings of the 4th Western European conference on Research in Cryptology
3kf9: enhancing 3GPP-MAC beyond the birthday bound
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
The weakness of integrity protection for LTE
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
| Hi-index | 0.00 |
We suggest some simple variants of the CBC MAC that let you efficiently MAC messages of arbitrary lengths. Our constructions use three keys, K1, K2, K3, to avoid unnecessary padding and MAC any message M ∈ {0, 1}* using max{1,«|M|/n»} applications of the underlying n-bit block cipher. Our favorite construction, XCBC, works like this: if |M| is a positive multiple of n then XOR the n-bit key K2 with the last block of M and compute the CBC MAC keyed with K1; otherwise, extend M's length to the next multiple of n by appending minimal 10i padding (i ≥ 0), XOR the n-bit key K3 with the last block of the padded message, and compute the CBC MAC keyed with K1. We prove the security of this and other constructions, giving concrete bounds on an adversary's inability to forge in terms of her inability to distinguish the block cipher from a random permutation. Our analysis exploits new ideas which simplify proofs compared to prior work.