Paper 2013/111

Message Authentication Codes Secure against Additively Related-Key Attacks

Keita Xagawa

Abstract

Message Authentication Code (MAC) is one of the most basic primitives in cryptography. After Biham (EUROCRYPT 1993) and Knudsen (AUSCRYPT 1992) proposed related-key attacks (RKAs), RKAs have damaged MAC's security. To relieve MAC of RKA distress, Bellare and Cash proposed pseudo-random functions (PRFs) secure against multiplicative RKAs (CRYPTO 2010). They also proposed PRFs secure against additive RKAs, but their reduction requires sub-exponential time. Since a PRF directly implies a Fixed-Input Length (FIL) MAC, their PRFs result in MACs secure against multiplicative RKAs. In this paper, we propose a Variable-Input Length (VIL) MAC secure against additive RKAs, whose reductions are polynomial time in the security parameter. Our construction stems from MACs from number-theoretic assumptions proposed by Dodis, Kiltz, Pietrzak, and Wichs (EUROCRYPT 2012) and public-key encryption schemes secure against additive RKAs proposed by Wee (PKC 2012).

Note: Correct minor typos

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
message authentication code, related-key attack
Contact author(s)
xagawa keita @ lab ntt co jp
History
2013-04-01: revised
2013-02-27: received
Short URL
https://ia.cr/2013/111
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/111,
      author = {Keita Xagawa},
      title = {Message Authentication Codes Secure against Additively Related-Key Attacks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2013/111},
      year = {2013},
      url = {https://eprint.iacr.org/2013/111}
}