Paper 2013/444

Sequential message authentication code without random oracles

Bin Wang and Xiaojing Hong

Abstract

Katz et al. provided a generic transform to construct aggregate message authentication codes and imposed a lower bound on the length of one aggregate MAC tag. The lower bound shows that the required tag length is at least linear with the number of messages when fast verification such as constant or logarithmic computation overhead is required. Aggregate message authentication codes are useful in settings such as mobile ad-hoc networks where devices are resource-constrained and energy cost is at a premium. In this paper, we introduce the notion of sequential aggregate message authentication code (SAMAC). We present a security model for this notion under unforgeability against chosen message and verification query attack and construct an efficient SAMAC scheme by extending a number-theoretic MAC construction due to Dodis et al. We prove the security of our SAMAC scheme under the CDH assumption in the standard model. Our SAMAC scheme improves the lower bound with the help of the underlying algebraic structure. Performance analysis shows that our SAMAC scheme yields constant computation for the verifier as well as fixed length for one aggregate.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
Message authentication codeSequential aggregateCDH assumption
Contact author(s)
jxbin76 @ yeah net
History
2013-07-22: received
Short URL
https://ia.cr/2013/444
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/444,
      author = {Bin Wang and Xiaojing Hong},
      title = {Sequential message authentication code without random oracles},
      howpublished = {Cryptology ePrint Archive, Paper 2013/444},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/444}},
      url = {https://eprint.iacr.org/2013/444}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.