We present a new message authentication code (MAC) based on block ciphers. Our new MAC algorithm, though twice as slow as an ordinary CBC MAC, can be proven to be a pseudo-random function secure against O(2^{2n/3}) queries, under the assumption that the underlying n-bit block cipher is a secure pseudo-random permutation. Our design is quite simple, being similar to Algorithm 5 (and 6) of ISO/IEC 9797-1:1999; we just take the sum (xor) of two encrypted CBC MACs. We remark that no proof of security above the birthday bound (2^{n/2}) has been known for the sum of CBC MACs. The sum construction now becomes the first realization of a block-cipher-based, deterministic, stateless MAC algorithm being provably secure beyond the birthday bound of O(2^{n/2}) and running with practical efficiency. © 2010 Springer-Verlag.
CITATION STYLE
Yasuda, K. (2010). The sum of CBC MACs is a secure PRF. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5985 LNCS, pp. 366–381). https://doi.org/10.1007/978-3-642-11925-5_25
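The construction the abstract describes, written out as an added example (not code from the paper): two encrypted CBC MACs are computed over the same message under separate keys and xored into one n-bit tag. The four-key layout, the 10* padding, the constructed keys and the SHA-256 Feistel standing in for the n-bit block cipher are assumptions of this example; the Feistel is a placeholder permutation, not a vetted cipher.

```python
import hashlib
import hmac

BLOCK = 16  # n = 128 bits
HALF = BLOCK // 2

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt(key: bytes, block: bytes) -> bytes:
    """Placeholder n-bit permutation (4-round Feistel); swap in a real block cipher."""
    left, right = block[:HALF], block[HALF:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:HALF]
        left, right = right, xor(left, f)
    return left + right

def pad(msg: bytes) -> bytes:
    """10* padding, always applied, so distinct messages stay distinct (assumed)."""
    msg += b"\x80"
    return msg + b"\x00" * (-len(msg) % BLOCK)

def cbc_mac(key: bytes, msg: bytes) -> bytes:
    """Plain CBC chain with a zero IV; returns the last chaining value."""
    state = bytes(BLOCK)
    padded = pad(msg)
    for i in range(0, len(padded), BLOCK):
        state = toy_encrypt(key, xor(state, padded[i:i + BLOCK]))
    return state

def ecbc_mac(k_chain: bytes, k_final: bytes, msg: bytes) -> bytes:
    """Encrypted CBC MAC: the chain output is encrypted once more under a second key."""
    return toy_encrypt(k_final, cbc_mac(k_chain, msg))

def sum_ecbc(keys, msg: bytes) -> bytes:
    """Sum (xor) of two encrypted CBC MACs; two passes, hence twice the cost."""
    k1, k2, k3, k4 = keys
    return xor(ecbc_mac(k1, k2, msg), ecbc_mac(k3, k4, msg))

def verify(keys, msg: bytes, tag: bytes) -> bool:
    """Deterministic and stateless: recompute the tag and compare in constant time."""
    return hmac.compare_digest(sum_ecbc(keys, msg), tag)

# Constructed demo keys; real keys must be independent and uniformly random.
KEYS = tuple(hashlib.sha256(b"constructed-key-%d" % i).digest() for i in range(4))

if __name__ == "__main__":
    tag = sum_ecbc(KEYS, b"transfer 100 to alice")
    print(tag.hex(), verify(KEYS, b"transfer 100 to alice", tag))
```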