Skip to main content
SpringerLink
Log in
Book cover

International Conference on Cryptology and Network Security

CANS 2009: Cryptology and Network Security pp 349–361Cite as

Distinguishing and Second-Preimage Attacks on CBC-Like MACs

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5888))

Abstract

This paper first presents a new distinguishing attack on the CBC-MAC structure based on block ciphers in cipher block chaining (CBC) mode. This attack detects a CBC-like MAC from random functions. The second result of this paper is a second-preimage attack on the CBC-MAC, which is an extension of the attack of Brincat and Mitchell. The attack also covers MT-MAC, PMAC and MACs with three-key enciphered CBC mode. Instead of exhaustive search, both types of attacks are of birthday attack complexity.

Supported by the National Natural Science Foundation of China (NSFC Grant No. 60525201) and 973 Project (No.2007CB807902).

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ANSI X9.9 (revised): Financial Institution Message Authentication (wholesale), American Bankers Association (1986)

    Google Scholar 

  2. ANSI X9.19: Financial Institution Retail Message Authentication, American Bankers Association (1986)

    Google Scholar 

  3. Bellare, M., Kilian, J., Rogaway, P.: The Security of the Cipher Block Chaining Message Authentication Code. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 341–358. Springer, Heidelberg (1994)

    Google Scholar 

  4. Brincat, K., Mitchell, C.J.: New CBC-MAC Forgery Attacks. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 3–14. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  5. Bosselaers, A., Preneel, B. (eds.): RIPE 1992. LNCS, vol. 1007. Springer, Heidelberg (1995)

    Google Scholar 

  6. Black, J., Rogaway, P.: CBC MACs for Arbitrary-Length Messages: The Three-Key Constructions. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 197–215. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  7. Black, J., Rogaway, P.: A Block-Cipher Mode of Operation for Parallelizable Message Authentication. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 384–397. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  8. Coppersmith, D., Knudsen, L.R., Mitchell, C.J.: Key Recovery and Forgery Attacks on the MacDES MAC Algorithm. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 184–196. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  9. Coppersmith, D., Mitchell, C.J.: Attacks on MacDES MAC algorithm. Electronics Letters 35, 1626–1627 (1999)

    Article  Google Scholar 

  10. Dodis, Y., Pietrzak, K., Puniya, P.: A New Mode of Operation for Block Ciphers and Length-Preserving MACs. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 198–219. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  11. ISO/IEC 9797–1, Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a block cipher. International Organization for Standardization, Genève, Switzerland (1999)

    Google Scholar 

  12. Knudsen, L.R.: Chosen-text Attack on CBC-MAC. Electronic Letters 33(1) (1997)

    Google Scholar 

  13. Iwata, T., Kurosawa, K.: OMAC: One-Key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003)

    Google Scholar 

  14. Kurosawa, K., Iwata, T.: TMAC: Two-Key CBC MAC. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 265–273. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  15. Minematsu, K., Tsunoo, Y.: Provably Secure MACs from Differentially-Uniform Permutations and AES-Based Implementations. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 226–241. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  16. NIST, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication. NIST Special Publication 800-38B (2005)

    Google Scholar 

  17. Preneel, B., Knudsen, L.R.: MacDES: MAC algorithm based on DES. Electronic Letters 33(1) (1997)

    Google Scholar 

  18. Preneel, B., van Oorschot, P.C.: MDx-MAC and Building Fast MACs from Hash Functions. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 1–14. Springer, Heidelberg (1995)

    Google Scholar 

  19. Preneel, B., van Oorschot, P.C.: Key Recovery Attack on ANSI X9.19 Retail MAC. Electronic Letters 32(17) (1996)

    Google Scholar 

  20. Petrank, E., Rackoff, C.: CBC MAC for Real-Time Data Sources. J. Cryptology 13(3), 315–338 (2000)

    Article  MATH  MathSciNet  Google Scholar 

  21. Wang, X., Wang, W., Jia, K., Wang, M.: New Distinguishing Attack on MAC using Secret-Prefix Method. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 363–374. Springer, Heidelberg (2009)

    Google Scholar 

  22. Wang, X., Yu, H., Wang, W., Zhang, H., Zhan, T.: Cryptanalysis on HMAC/NMAC-MD5 and MD5-MAC. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 121–133. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  23. Yuan, Z., Jia, K., Wang, W., Wang, X.: Distinguishing and Forgery Attacks on Alred and Its AES-based Instance Alpha-MAC (2008), http://eprint.iacr.org/2008/516

  24. Yuval, G.: How to Swindle Rabin. Cryptologia 3, 187–189 (1979)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, 250100, China

    Keting Jia & Xiaoyun Wang

  2. Institute for Advanced Study, Tsinghua University, Beijing, 100084, China

    Xiaoyun Wang, Zheng Yuan & Guangwu Xu

  3. Beijing Electronic Science and Technology Institute, Beijing, 100070, China

    Zheng Yuan

  4. Department of Electrical Engineering and Computer Science, University of Wisconsin-Milwaukee, USA

    Guangwu Xu

Authors
  1. Keting Jia
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xiaoyun Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Zheng Yuan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Guangwu Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. AT&T Labs Research, Florham Park, NJ, USA

    Juan A. Garay

  2. Japan Advanced Institute of Science and Technology (JAIST), Nomi, Ishikawa, Japan

    Atsuko Miyaji

  3. National Institute of Advanced Industrial Science and Technoloy (AIST), Tokyo, Japan

    Akira Otsuka

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jia, K., Wang, X., Yuan, Z., Xu, G. (2009). Distinguishing and Second-Preimage Attacks on CBC-Like MACs. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds) Cryptology and Network Security. CANS 2009. Lecture Notes in Computer Science, vol 5888. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10433-6_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-10433-6_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10432-9

  • Online ISBN: 978-3-642-10433-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation