Cryptology ePrint Archive: Report 2002/159

Related-Key and Key-Collision Attacks Against RMAC

Tadayoshi Kohno

Abstract: In [JJV02] Jaulmes, Joux, and Valette propose a new randomized message authentication scheme, called RMAC, which NIST is currently in the process of standardizing [NIS02]. In this work we present several attacks against RMAC. The attacks are based on a new protocol-level related-key attack against RMAC and can be considered variants of Biham's key-collision attack [Bih02]. These attacks provide insights into the RMAC design. We believe that the protocol-level related-key attack is of independent interest.

Category / Keywords: cryptographic protocols / RMAC, key-collision attacks, related-key attacks.

Date: received 21 Oct 2002, last revised 2 Dec 2002

Contact author: tkohno at cs ucsd edu

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20021203:005921 (All versions of this report)

Short URL: ia.cr/2002/159

Discussion forum: Show discussion | Start new discussion