Cryptology ePrint Archive: Report 2008/542

Distinguishing Attack and Second-Preimage Attack on the CBC-like MACs

Keting Jia and Xiaoyun Wang and Zheng Yuan and Guangwu Xu

Abstract: In this paper, we first present a new distinguisher on the CBC-MAC based on a block cipher in Cipher Block Chaining (CBC) mode. It can also be used to distinguish other CBC-like MACs from random functions. The main results of this paper are on the second-preimage attack on CBC-MAC and CBC-like MACs include TMAC, OMAC, CMAC, PC-MAC and MACs based on three-key encipher CBC mode. Instead of exhaustive search, this attack can be performed with the birthday attack complexity.

Category / Keywords: secret-key cryptography / CBC, MAC, Distinguishing attack, Second preimage

Date: received 26 Dec 2008, last revised 12 Jan 2009

Contact author: xiaoyunwang at mail tsinghua edu cn

Available format(s): PDF | BibTeX Citation

Version: 20090113:032724 (All versions of this report)

Short URL: ia.cr/2008/542

Discussion forum: Show discussion | Start new discussion