IACR
2016

Revisiting Structure Graph and Its Applications to CBC-MAC and EMAC

In Crypto'05, Bellare et al. proved an $O(\;q^2/2^n)$ bound for the PRF (pseudorandom function) security of the CBC-MAC based on an n-bit random permutation $\Pi$, provided $< 2^{n/3}$. Here an adversary can make at most $q$ prefix-free queries, each having at most "blocks" (elements of $\{0,1\}^n$). In the same paper an $O(\;{}^{o(1)} q^2/2^n)$ bound for EMAC (or encrypted CBC-MAC) was proved, provided $< 2^{n/4}$. Both proofs are based on structure graphs representing all collisions among "intermediate inputs" to $\Pi$ during the computation of CBC. The problem of bounding the PRF advantage is shown to reduce to bounding the number of structure graphs satisfying certain collision patterns. Unfortunately, we show here that Lemma 10 in the Crypto'05 paper, which states an important result on structure graphs, is incorrect, because the authors overlooked certain structure graphs. This invalidates the proofs of the PRF bounds. In ICALP'06, Pietrzak improved the bound for EMAC b...
Ashwin Jha, Mridul Nandi
Added 03 Apr 2016
Updated 03 Apr 2016
Type Journal
Year 2016
Where IACR