Cryptology ePrint Archive: Report 2014/251
Forgery on Stateless CMCC
Guy Barwell
Abstract: We present attacks against CMCC that invalidate the claimed security of integrity protection and misuse resistance. We exploit the fact that zero-padding is used on both the message and the authenticated data, and demonstrate how one may generate a forgery with a single call to the encryption oracle. From this we calculate the ciphertext of the chosen message, yielding a forgery and so breaking INT-CTXT. In the nonce-reuse setting, the existence of a forgery leads directly to a 2-query distinguisher.
Category / Keywords: secret-key cryptography / CAESAR, cmcc, authenticated-encryption
Date: received 8 Apr 2014, last revised 22 Apr 2014
Contact author: guy barwell at bristol ac uk
Available format(s): PDF | BibTeX Citation
Note: Added author contact information to body of paper
Version: 20140422:104602
Short URL: ia.cr/2014/251