Sciweavers

SCN
2010
Springer

History-Free Aggregate Message Authentication Codes

13 years 11 months ago
History-Free Aggregate Message Authentication Codes
Aggregate message authentication codes, as introduced by Katz and Lindell (CT-RSA 2008), combine several MACs into a single value, which has roughly the same size as an ordinary MAC. These schemes reduce the communication overhead significantly and are therefore a promising approach to achieve authenticated communication in mobile ad-hoc networks, where communication is prohibitively expensive. Here we revisit the unforgeability notion for aggregate MACs and discuss that the definition does not prevent “mix-and-match” attacks in which the adversary turns several aggregates into a “fresh” combination, i.e., into a valid aggregate on a sequence of messages which the attacker has not requested before. In particular, we show concrete attacks on the previous scheme. To capture the broader class of combination attacks, we provide a stronger security notion of aggregation unforgeability. While we can provide stateful transformations lifting (non-ordered) schemes to meet our stronger...
Oliver Eikemeier, Marc Fischlin, Jens-Fabian G&oum
Added 30 Jan 2011
Updated 30 Jan 2011
Type Journal
Year 2010
Where SCN
Authors Oliver Eikemeier, Marc Fischlin, Jens-Fabian Götzmann, Anja Lehmann, Dominique Schröder, Peter Schröder, Daniel Wagner
Comments (0)