The RMAC[6] is a variant of CBC-MAC, which resists birthday attacks and gives provably full security. The RMAC uses 2k-bit keys and the size of the RMAC is 2n, where n is the size of underlying block cipher. The TMAC[10] is the improved MAC scheme of XCBC[4] such that it requires (k +n)-bit keys while the XCBC requires (k +2n)-bit keys. In this paper, we introduce trivial key recovery attack on the RMAC with about 2n computations, which is more realistic than the attacks in [9]. Also we give a new attack on the TMAC using about 2 n/2+1 texts, which can recover an (k + n)-bit key. However this attack can not be applied to the XCBC. Furthermore we analyzed the IACBC mode[8], which gives confidentiality and message integrity. © 2003 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Sung, J., Hong, D., & Lee, S. (2003). Key recovery attacks on the RMAC, TMAC, and IACBC. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2727 LNCS, pp. 265–273). https://doi.org/10.1007/3-540-45067-X_23
Mendeley helps you to discover research relevant for your work.