On the Security of Two MAC Algorithms (1995) [24 citations — 4 self]

Download:
http://cert.unisa.it/pub/Documentation/Cryptograph
ftp://ftp.esat.kuleuven.ac.be/pub/COSIC/preneel/tw
http://www.cis.upenn.edu/~cis700-2/papers/On_the_s
http://www.cix.co.uk/~klockstone/twomacs.pdf
DBLP
CACHED:

by Bart Preneel , Paul C. Van Oorschot

In Advances in Cryptology — EUROCRYPT ’96

Add To MetaCart

Popular Tags

No tags have been applied to this document.

BibTeX | Add To MetaCart

@INPROCEEDINGS{Preneel95onthe,
    author = {Bart Preneel and Paul C. Van Oorschot},
    title = {On the Security of Two MAC Algorithms},
    booktitle = {In Advances in Cryptology — EUROCRYPT ’96},
    year = {1995},
    pages = {pp.},
    publisher = {Springer-Verlag}
}

Years of Citing Articles

Bookmarks

OpenURL

Abstract:

We consider the security of two message authentication code (MAC) algorithms: the MD5-based envelope method (RFC 1828), and the banking standard MAA (ISO 8731--2). Customization of a general MAC forgery attack allows improvements in both cases. For the envelope method, the forgery attack is extended to allow key recovery; for example, a 128-bit key can be recovered using 2^67 known text-MAC pairs and time plus 2^13 chosen texts. For MAA, internal collisions are found with fewer and shorter messages than previously by exploiting the algorithm's internal structure; the number of chosen texts (each 256 Kbyte long) for a forgery can be reduced by two orders of magnitude, e.g. from 2^24 to 2^17 . Moreover, certain internal collisions allow key recovery, and weak keys for MAA are identified.

Citations

332	Keying Hash Functions for Message Authentication – Bellare, Canetti, et al. - 1996
263	Differential Cryptanalysis of the Data Encryption Standard – Biham, Shamir
131	The Security of Cipher Block Chaining – Bellare, Kilian, et al. - 1994
100	XOR MACs: New methods for message authentication using finite pseudorandom functions – Bellare, Gu'erin, et al. - 1995
98	The First Experimental Cryptanalysis of the Data Encryption Standard – Matsui - 1994
90	Message authentication with one-way hash functions – Tsudik - 1992
80	The MD5 Message-Digest Algorithm. Request for Comments 1321, Network Working Group – Rivest - 1992
72	Security for Computer Networks – Davies, Price - 1984
57	The MD5 Message-Digest Algorithm", RFC 1321 – Rivest - 1992
55	Oorschot, "MD-x MAC and building fast MACs from hash functions – Preneel, van - 1995
45	Bucket Hashing and its Application to Fast Message Authentication – Rogaway - 1995
26	Message Authentication with MD5 – Kaliski, Robshaw - 1995
12	Oorschot, "MD-x MAC and building fast MACs from hash functions – Preneel, van - 1995
7	Information technology -- Data cryptographic techniques -- Data integrity mechanisms using a cryptographic check function employing a block cipher algorithm – ISOIEC - 1987
6	A Message Authenticator Algorithm Suitable for A Mainframe Computer – Davies - 1985
5	Banking -- approved algorithms for message authentication, Part 1 – ISO - 1987
3	The message authenticator algorithm (MAA) and its implementation – Davies, Clayden - 1988
3	Private communication – Krawczyk - 1997
2	How to key Merkle--Cascaded pseudorandomness and its concrete security – Bellare, Canetti, et al. - 1995
1	File authentication: A rule for constructing algorithms – Block - 1983
1	IP Authentication using Keyed MD5", Internet Request for Comments 1828 – Metzger, Simpson - 1995
1	Rogaway� �XOR MACs� new methods for message authen� tication using block ciphers – P - 1995
1	Clayden� �The message authenticator algorithm �MAA� and its im� plementation – O - 1988
1	Robshaw� �Message authentication with MD5�� CryptoBytes �RSA – M - 1995
1	Rogaway� �Bucket hashing and its application to fast message authentication – unknown authors - 1995
1	IP Authentication using Keyed MD5�� Internet Request for Comments 1828 – Simpson� - 1995

View or Download | Add to My Collection | Correct Errors