Distinguishing and Forgery Attacks on Alred  and Its AES-based Instance Alpha-MAC

Zheng Yuan; Keting Jia; Wei Wang; Xiaoyun Wang

Paper 2008/516

Distinguishing and Forgery Attacks on Alred and Its AES-based Instance Alpha-MAC

Zheng Yuan, Keting Jia, Wei Wang, and Xiaoyun Wang

Abstract

In this paper, we present new distinguishers of the MAC construction \textsc{Alred} and its specific instance \textsc{Alpha}-MAC based on AES, which is proposed by Daemen and Rijmen in 2005. For the \textsc{Alred} construction, we describe a general distinguishing attack which leads to a forgery attack directly. The complexity is $2^{64.5}$ chosen messages and $2^{64.5}$ queries with success probability 0.63. We also use a two-round collision differential path for \textsc{Alpha}-MAC, to construct a new distinguisher with about $2^{65.5}$ queries. The most important is that the new distinguisher can be used to recover the internal state, which is an equivalent secret subkey, and leads to a second preimage attack. Moreover, the distinguisher on \textsc{Alred} construction is also applicable to the MACs based on CBC and CFB encryption mode.

Note: Recovery of the internal state is presented.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Published elsewhere. Unknown where it was published
Keywords: Distinguishing attack Forgery attack \textsc{Alred} construction \textsc{Alpha}-MAC AES
Contact author(s): xiaoyunwang @ mail tsinghua edu cn
History: 2008-12-12: revised; 2008-12-09: received; See all versions
Short URL: https://ia.cr/2008/516
License: CC BY

BibTeX

@misc{cryptoeprint:2008/516,
      author = {Zheng Yuan and Keting Jia and Wei Wang and Xiaoyun Wang},
      title = {Distinguishing and Forgery Attacks on Alred  and Its {AES}-based Instance Alpha-{MAC}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2008/516},
      year = {2008},
      url = {https://eprint.iacr.org/2008/516}
}