Abstract
We present an improved bound on the advantage of any q-query adversary at distinguishing between the CBC MAC over a random n-bit permutation and a random function outputting n bits. The result assumes that no message queried is a prefix of any other, as is the case when all messages to be MACed have the same length. We go on to give an improved analysis of the encrypted CBC MAC, where there is no restriction on queried messages. Letting m be the block length of the longest query, our bounds are about $mq^2/2^n$ for the basic CBC MAC and $m^{o(1)}q^2/2^n$ for the encrypted CBC MAC, improving prior bounds of $m^2q^2/2^n$. The new bounds translate into improved guarantees on the probability of forging these MACs.
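The following is an added illustration, not code from the paper or its authors. It models the paper's idealised setting directly: the block cipher is a lazily sampled uniformly random n-bit permutation (a toy n = 64 here, seeded so runs are reproducible), the basic CBC MAC chains blocks through it, and the encrypted CBC MAC passes the result through an independent second permutation. It then runs the standard two-query prefix forgery that the abstract's prefix-free assumption rules out: the forged message extends a queried message, so it is not prefix-free, and the basic CBC MAC accepts it, while the encrypted CBC MAC, which the paper analyses without any prefix restriction, does not. The message blocks, seeds and parameter values are constructed for the example.

```python
"""Added example: CBC MAC / encrypted CBC MAC over a random permutation and the
prefix forgery that motivates the paper's prefix-free assumption."""
import math
import random

N_BITS = 64  # toy block size n; the paper's n is the cipher's block size


class RandomPermutation:
    """Uniformly random permutation on n-bit strings, sampled lazily.

    This is the ideal cipher of the abstract: a fresh input gets a fresh,
    uniformly chosen output that no earlier input received (so it stays a
    permutation). The seed is only for reproducibility of the example.
    """

    def __init__(self, seed):
        self._rng = random.Random(seed)
        self._table = {}
        self._used = set()

    def __call__(self, x):
        if x not in self._table:
            y = self._rng.getrandbits(N_BITS)
            while y in self._used:  # resample on a collision to keep injectivity
                y = self._rng.getrandbits(N_BITS)
            self._table[x] = y
            self._used.add(y)
        return self._table[x]


def cbc_mac(perm, blocks):
    """Basic CBC MAC: C_0 = 0, C_i = P(C_{i-1} xor M_i), tag = C_m."""
    c = 0
    for b in blocks:
        c = perm(c ^ b)
    return c


def ecbc_mac(perm1, perm2, blocks):
    """Encrypted CBC MAC: tag = P2(CBC-MAC_P1(M)) with an independent P2."""
    return perm2(cbc_mac(perm1, blocks))


def prefix_forgery(mac, m1, m2):
    """Two-query forgery attempt when queries need not be prefix-free.

    Against the basic CBC MAC, tag(m1 || (m2[0] xor tag(m1))) equals tag(m2)
    for a one-block m2, because the xor cancels the chaining value. Returns
    the forged message and the tag the attacker claims for it.
    """
    t1 = mac(m1)
    t2 = mac(m2)
    forged = list(m1) + [m2[0] ^ t1]
    return forged, t2


def demo(seed=1):
    """Run the forgery against both MACs; returns (cbc_accepts, ecbc_accepts)."""
    p1 = RandomPermutation(seed)
    p2 = RandomPermutation(seed + 1)
    m1 = [0x1122334455667788, 0x99AABBCCDDEEFF00]  # constructed two-block query
    m2 = [0x0F0F0F0F0F0F0F0F]                      # constructed one-block query

    cbc = lambda m: cbc_mac(p1, m)
    forged, claimed = prefix_forgery(cbc, m1, m2)
    cbc_accepts = cbc(forged) == claimed            # True: m1 is a prefix of forged

    ecbc = lambda m: ecbc_mac(p1, p2, m)
    forged, claimed = prefix_forgery(ecbc, m1, m2)
    ecbc_accepts = ecbc(forged) == claimed          # False except with prob 2^-n
    return cbc_accepts, ecbc_accepts


def advantage_log2(m, q, n):
    """log2 of the abstract's bounds: (new m*q^2/2^n, prior m^2*q^2/2^n)."""
    new = math.log2(m) + 2 * math.log2(q) - n
    prior = 2 * math.log2(m) + 2 * math.log2(q) - n
    return new, prior


if __name__ == "__main__":
    print("CBC MAC forged, ECBC MAC forged:", demo())
    print("log2 bounds for m=2^10, q=2^32, n=128:", advantage_log2(2**10, 2**32, 128))
```

The forgery needs only two MAC queries and no knowledge of the permutation, which is why the basic CBC MAC bound is stated only for prefix-free (for example fixed-length) queries. For the encrypted variant the attacker would need the second permutation to fix the chaining value, which happens with probability about $2^{-n}$. `advantage_log2` makes the headline improvement concrete: with n = 128, m = 2^10 blocks and q = 2^32 queries the new bound is $2^{-54}$ against the prior $2^{-44}$, a factor of m.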
Keywords
- Random Function
- Structure Graph
- Message Authentication Code
- Cryptology ePrint Archive
- Fast Software Encryption
© 2005 Springer-Verlag Berlin Heidelberg
Bellare, M., Pietrzak, K., Rogaway, P. (2005). Improved Security Analyses for CBC MACs. In: Shoup, V. (eds) Advances in Cryptology – CRYPTO 2005. CRYPTO 2005. Lecture Notes in Computer Science, vol 3621. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11535218_32
DOI: https://doi.org/10.1007/11535218_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28114-6
Online ISBN: 978-3-540-31870-5