MAC Reforgeability

14 years 5 months ago

Download eprint.iacr.org

Message Authentication Codes (MACs) are core algorithms deployed in virtually every security protocol in common usage. In these protocols, the integrity and authenticity of messages rely entirely on the security of the MAC; we examine cases in which this security is lost. In this paper, we examine the notion of "reforgeability" for MACs, and motivate its utility in the context of {power, bandwidth, CPU}-constrained computing environments. We first give a definition for this new notion, then examine some of the most widely-used and well-known MACs under our definition in a variety of adversarial settings, finding in nearly all cases a failure to meet the new notion. We examine simple counter-measures to increase resistance to reforgeabiliy, using state and truncating the tag length, but find that both are not simultaneously applicable to modern MACs. In response, we give a tight security reduction for a new MAC, WMAC, which we argue is the "best fit" for resource-li...

John Black, Martin Cochran

Real-time Traffic

Cryptography | FSE 2009 | Message Authentication Codes | Tight Security Reduction | Well-known Macs |

claim paper

Post Info
More Details (n/a)

Added	25 Nov 2009
Updated	25 Nov 2009
Type	Conference
Year	2009
Where	FSE
Authors	John Black, Martin Cochran

Comments (0)

Sciweavers

MAC Reforgeability

Cryptography | FSE 2009 | Message Authentication Codes | Tight Security Reduction | Well-known Macs |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers