The sum of CBC MACs is a secure PRF

Abstract

We present a new message authentication code (MAC) based on block ciphers. Our new MAC algorithm, though twice as slow as an ordinary CBC MAC, can be proven to be a pseudo-random function secure against $O(2^{2n/3})$ queries, under the assumption that the underlying n-bit block cipher is a secure pseudo-random permutation. Our design is quite simple, being similar to Algorithm 5 (and 6) of ISO/IEC 9797-1:1999: we just take the sum (xor) of two encrypted CBC MACs. We remark that no proof of security above the birthday bound ($2^{n/2}$) has been known for the sum of CBC MACs. The sum construction now becomes the first realization of a block-cipher-based, deterministic, stateless MAC algorithm being provably secure beyond the birthday bound of $O(2^{n/2})$ and running with practical efficiency. © 2010 Springer-Verlag.

Cite

Yasuda, K. (2010). The sum of CBC MACs is a secure PRF. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5985 LNCS, pp. 366–381). https://doi.org/10.1007/978-3-642-11925-5_25
