Abstract
The security of randomized message authentication code, MAC for short, is typically depending on the uniqueness of random initial vectors (IVs). Thus its security bound usually contains O(q 2/2 n ), when random IV is n bits and q is the number of MACed messages. In this paper, we present how to break this birthday barrier without increasing the randomness. Our proposal is almost as efficient as the well-known Carter-Wegman MAC, uses n-bit random IVs, and provides the security bound roughly O(q 3/2 2n ). We also provide blockcipher-based instantiations of our proposal. They are almost as efficient as CBC-MAC and the security is solely based on the pseudorandomness of the blockcipher. © 2010 Springer-Verlag.
Author supplied keywords
Cite
CITATION STYLE
Minematsu, K. (2010). How to thwart birthday attacks against MACs via small randomness. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6147 LNCS, pp. 230–249). https://doi.org/10.1007/978-3-642-13858-4_13
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
