This paper presents a novel mode of operation of compression functions, intended for dedicated use as a message authentication code (MAC.) The new approach is faster than the well-known Merkle-Damgård iteration; more precisely, it is (1 + c/b)-times as fast as the classical Merkle-Damgård hashing when applied to a compression function h : {0, 1}c+b → {0, 1}c. Our construction provides a single-key MAC with provable security; we show that the proposed scheme yields a PRF(pseudo-random function)-based MAC on the assumption that the underlying compression function h satisfies certain PRF properties. Thus our method offers a way to process data more efficiently than the conventional HMAC without losing formal proofs of security. Our design also takes into account usage with prospective compression functions; that is, those compression functions h with relatively weighty load and relatively large c (i.e., "wide-pipe") greatly benefit from the improved performance by our mode of operation. © International Association for Cryptology Research 2007.
CITATION STYLE
Yasuda, K. (2007). Boosting Merkle-Damgård hashing for message authentication. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4833 LNCS, pp. 216–231). Springer Verlag. https://doi.org/10.1007/978-3-540-76900-2_13
Mendeley helps you to discover research relevant for your work.