Indirect message injection for MAC generation
| Data(s) |
01/10/2013
|
|---|---|
| Resumo |
This paper presents a model for the generation of a MAC tag using a stream cipher. The input message is used indirectly to control segments of the keystream that form the MAC tag. Several recent proposals can be considered as instances of this general model, as they all perform message accumulation in this way. However, they use slightly different processes in the message preparation and finalisation phases. We examine the security of this model for different options and against different types of attack, and conclude that the indirect injection model can be used to generate MAC tags securely for certain combinations of options. Careful consideration is required at the design stage to avoid combinations of options that result in susceptibility to forgery attacks. Additionally, some implementations may be vulnerable to side-channel attacks if used in Authenticated Encryption (AE) algorithms. We give design recommendations to provide resistance to these attacks for proposals following this model. |
| Formato |
application/pdf |
| Identificador | |
| Publicador |
Walter de Gruyter GmbH & Co. KG |
| Relação |
http://eprints.qut.edu.au/64776/1/JMC-TvT-405-IndirectMAC.pdf DOI:10.1515/jmc-2013-5005 Al Mashrafi, Mufeed, Bartlett, Harry, Dawson, Ed , Simpson, Leonie, & Wong, Kenneth Koon-Ho (2013) Indirect message injection for MAC generation. Journal of Mathematical Cryptology, 7(3), pp. 253-277. |
| Direitos |
Copyright 2013 Walter de Gruyter GmbH The final publication is available at www.degruyter.com |
| Fonte |
School of Electrical Engineering & Computer Science; Institute for Future Environments; School of Mathematical Sciences; Science & Engineering Faculty |
| Palavras-Chave | #080400 DATA FORMAT #MAC #stream ciphers #message injection #collision attacks #forgery attacks #side-channel attacks |
| Tipo |
Journal Article |
