Cryptology ePrint Archive: Report 2008/516

Distinguishing and Forgery Attacks on Alred and Its AES-based Instance Alpha-MAC

Zheng Yuan and Keting Jia and Wei Wang and Xiaoyun Wang

Abstract: In this paper, we present new distinguishers of the MAC construction \textsc{Alred} and its specific instance \textsc{Alpha}-MAC based on AES, which is proposed by Daemen and Rijmen in 2005. For the \textsc{Alred} construction, we describe a general distinguishing attack which leads to a forgery attack directly. The complexity is $2^{64.5}$ chosen messages and $2^{64.5}$ queries with success probability 0.63. We also use a two-round collision differential path for \textsc{Alpha}-MAC, to construct a new distinguisher with about $2^{65.5}$ queries. The most important is that the new distinguisher can be used to recover the internal state, which is an equivalent secret subkey, and leads to a second preimage attack. Moreover, the distinguisher on \textsc{Alred} construction is also applicable to the MACs based on CBC and CFB encryption mode.

Category / Keywords: secret-key cryptography / Distinguishing attack, Forgery attack, \textsc{Alred} construction, \textsc{Alpha}-MAC, AES

Date: received 4 Dec 2008, last revised 12 Dec 2008

Contact author: xiaoyunwang at mail tsinghua edu cn

Available format(s): PDF | BibTeX Citation

Note: Recovery of the internal state is presented.

Version: 20081212:153554 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]