Sciweavers

FSE
2004
Springer

Cryptanalysis of a Message Authentication Code due to Cary and Venkatesan

14 years 4 months ago
Cryptanalysis of a Message Authentication Code due to Cary and Venkatesan
A cryptanalysis is given of a MAC proposal presented at CRYPTO 2003 by Cary and Venkatesan. A nice feature of the CaryVenkatesan MAC is that a lower bound on its security can be proved when a certain block cipher is modelled as an ideal cipher. Our attacks find collisions for the MAC and yield MAC forgeries, both faster than a straightforward application of the birthday paradox would suggest. For the suggested parameter sizes (where the MAC is 128 bits long) we give a method to find collisions using about 248.5 MAC queries, and to forge MACs using about 255 MAC queries. We emphasise that our results do not contradict the lower bounds on security proved by Cary and Venkatesan. Rather, they establish an upper bound on the MAC’s security that is substantially lower than one would expect for a 128-bit MAC.
Simon R. Blackburn, Kenneth G. Paterson
Added 01 Jul 2010
Updated 01 Jul 2010
Type Conference
Year 2004
Where FSE
Authors Simon R. Blackburn, Kenneth G. Paterson
Comments (0)