In order to avoid birthday attacks on message authentication schemes, it has been suggested that one add randomness to the scheme. One must be careful about how randomness is added, however. This paper shows that prefixing randomness to a message before running the message through an iterated MAC leads to an attack that takes only O (2(l+r)/3+max{2l/2, 2r/2}) queries to break, where l is the size of the MAC iteration output and r is the size of the prefixed randomness.
CITATION STYLE
Semanko, M. (2000). L-collision attacks against randomized MACs. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1880, pp. 216–228). Springer Verlag. https://doi.org/10.1007/3-540-44598-6_13
Mendeley helps you to discover research relevant for your work.