Skip to main content
SpringerLink
Log in

Key-Indistinguishable Message Authentication Codes

  • Conference paper
Security and Cryptography for Networks (SCN 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8642))

Included in the following conference series:

Abstract

While standard message authentication codes (MACs) guarantee authenticity of messages, they do not, in general, guarantee the anonymity of the sender and the recipient. For example it may be easy for an observer to determine whether or not two authenticated messages were sent by the same party even without any information about the secret key used. However preserving any uncertainty an attacker may have about the identities of honest parties engaged in authenticated communication is an important goal of many cryptographic applications. For example this is stated as an explicit goal of modern cellphone authentication protocols [rGPP12] and RFID based authentication systems [Vau10].

In this work we introduce and construct a new fundamental cryptographic primitive called key indistinguishable (KI) MACs. These can be used to realize many of the most important higher-level applications requiring some form of anonymity and authenticity [AHM + 14a]. We show that much (though not all) of the modular MAC construction framework of [DKPW12] gives rise to several variants of KI MACs. On the one hand, we show that KI MACs can be built from hash proof systems and certain weak PRFs allowing us to base security on assumptions such as DDH, CDH and LWE. Next we show that the two direct constructions from the LPN assumption of [DKPW12] are KI, resulting in particularly efficient constructions based on structured assumptions. On the other hand, we also give a very simple and efficient construction based on a PRF which allows us to base KI MACs on some ideal primitives such as an ideal compression function (using HMAC) or block-cipher (using say CBC-MAC). In particular, by using our PRF construction, many real-world implementations of MACs can be easily and cheaply modified to obtain a KI MAC. Finally we show that the transformations of [DKPW12] for increasing the domain size of a MAC as well as for strengthening the type of unforgeability it provides also preserve (or even strengthen) the type of KI enjoyed by the MAC. All together these results provide a wide range of assumptions and construction paths for building various flavors of this new primitive.

The unabridged version of this paper appears in[AHM + 14b].

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Alwen, J., Hirt, M., Maurer, U., Patra, A., Raykov, P.: Anonymous authentication with shared secrets. Cryptology ePrint Archive, Report 2014/073 (2014), http://eprint.iacr.org/

  2. Alwen, J., Hirt, M., Maurer, U., Patra, A., Raykov, P.: Key-indistinguishable message authentication codes. Cryptology ePrint Archive, Report 2014/107 (2014), http://eprint.iacr.org/

  3. Arapinis, M., Mancini, L.I., Ritter, E., Ryan, M., Golde, N., Redon, K., Borgaonkar, R.: New privacy issues in mobile telephony: fix and verification. In: ACM Conference on Computer and Communications Security, pp. 205–216. ACM (2012)

    Google Scholar 

  4. Arapinis, M., Mancini, L.I., Ritter, E., Ryan, M.: Formal analysis of umts privacy, CoRR abs/1109.2066 (2011)

    Google Scholar 

  5. Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-privacy in public-key encryption. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 566–582. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  6. Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)

    Google Scholar 

  7. Bellare, M., Canetti, R., Krawczyk, H.: Pseudorandom functions revisited: The cascade construction and its concrete security. In: FOCS, pp. 514–523 (1996)

    Google Scholar 

  8. Bellare, M.: New proofs for NMAC and HMAC: Security without collision-resistance. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 602–619. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  9. Burmester, M., Le, T.V., de Medeiros, B., Tsudik, G.: Universally composable RFID identification and authentication protocols. ACM Trans. Inf. Syst. Secur. 12(4) (2009)

    Google Scholar 

  10. Burmester, M., Munilla, J.: Lightweight RFID authentication with forward and backward security. ACM Trans. Inf. Syst. Secur. 14(1), 11 (2011)

    Article  Google Scholar 

  11. Bellare, M., Pietrzak, K., Rogaway, P.: Improved security analyses for CBC mACs. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 527–545. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  12. Banerjee, A., Peikert, C., Rosen, A.: Pseudorandom functions and lattices. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 719–737. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  13. Dodis, Y., Kiltz, E., Pietrzak, K., Wichs, D.: Message authentication, revisited. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 355–374. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  14. Deng, R.H., Li, Y., Yung, M., Zhao, Y.: A zero-knowledge based framework for RFID privacy. Journal of Computer Security 19(6), 1109–1146 (2011)

    Google Scholar 

  15. Dodis, Y., Steinberger, J.: Message authentication codes from unpredictable block ciphers. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 267–285. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  16. Dodis, Y., Yampolskiy, A.: A verifiable random function with short proofs and keys. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 416–431. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  17. Hermans, J., Pashalidis, A., Vercauteren, F., Preneel, B.: A new RFID privacy model. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 568–587. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  18. Iwata, T., Kurosawa, K.: Omac: One-key cbc mac. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  19. Kohlweiss, M., Maurer, U., Onete, C., Tackmann, B., Venturi, D.: Anonymity-preserving public-key encryption: A constructive approach. In: De Cristofaro, E., Wright, M. (eds.) PETS 2013. LNCS, vol. 7981, pp. 19–39. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  20. Kiltz, E., Pietrzak, K., Cash, D., Jain, A., Venturi, D.: Efficient authentication from hard learning problems. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 7–26. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  21. Lee, M.-F., Smart, N.P., Warinschi, B., Watson, G.: Anonymity guarantees of the umts/lte authentication and connection protocol. Cryptology ePrint Archive, Report 2013/027 (2013), http://eprint.iacr.org/

  22. National Institute of Standards and Technology, U.S. Department of Commerce, M Dworkin. Recommendation for block cipher modes of operation: the CMAC mode for authentication. NIST Special Publication 800-38B

    Google Scholar 

  23. Naor, M., Reingold, O.: Number-theoretic constructions of efficient pseudo-random functions. In: FOCS, pp. 458–467 (1997)

    Google Scholar 

  24. Pietrzak, K.: Subspace LWE. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 548–563. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  25. 3rd Generation Partnership Project. Ts 33.102 - 3g security; Security architecture v11.5.0 (2012)

    Google Scholar 

  26. Tsay, J.-K., Mjølsnes, S.F.: A vulnerability in the umts and lte authentication and key agreement protocols. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 65–76. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  27. Vaudenay, S.: Privacy models for RFID schemes. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 65–65. Springer, Heidelberg (2010)

    Google Scholar 

  28. Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, ETH Zurich, Switzerland

    Joël Alwen, Martin Hirt, Ueli Maurer & Pavel Raykov

  2. Department of Computer Science & Automation, IISc Bangalore, India

    Arpita Patra

Authors
  1. Joël Alwen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Martin Hirt
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ueli Maurer
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Arpita Patra
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Pavel Raykov
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. École Normale Supérieure & CNRS, 45 rue d’Ulm, 75005, Paris, France

    Michel Abdalla

  2. Dipartimento di Informatica, Università di Salerno, via Ponte don Melillo, 84084, Fisciano, Italy

    Roberto De Prisco

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Alwen, J., Hirt, M., Maurer, U., Patra, A., Raykov, P. (2014). Key-Indistinguishable Message Authentication Codes. In: Abdalla, M., De Prisco, R. (eds) Security and Cryptography for Networks. SCN 2014. Lecture Notes in Computer Science, vol 8642. Springer, Cham. https://doi.org/10.1007/978-3-319-10879-7_27

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-10879-7_27

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-10878-0

  • Online ISBN: 978-3-319-10879-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation