Sciweavers

CRYPTO
2000
Springer

L-collision Attacks against Randomized MACs

14 years 4 months ago
L-collision Attacks against Randomized MACs
In order to avoid birthday attacks on message authentication schemes, it has been suggested that one add randomness to the scheme. One must be careful about how randomness is added, however. This paper shows that prefixing randomness to a message before running the message through an iterated MAC leads to an attack that takes only O 2(l+r)/3 + max{2l/2 , 2r/2 } queries to break, where l is the size of the MAC iteration output and r is the size of the prefixed randomness.
Michael Semanko
Added 02 Aug 2010
Updated 02 Aug 2010
Type Conference
Year 2000
Where CRYPTO
Authors Michael Semanko
Comments (0)