Paper 2013/444
Sequential message authentication code without random oracles
Bin Wang and Xiaojing Hong
Abstract
Katz et al. provided a generic transform to construct aggregate message authentication codes and imposed a lower bound on the length of one aggregate MAC tag. The lower bound shows that the required tag length is at least linear in the number of messages when fast verification, such as constant or logarithmic computation overhead, is required. Aggregate message authentication codes are useful in settings such as mobile ad-hoc networks where devices are resource-constrained and energy cost is at a premium. In this paper, we introduce the notion of sequential aggregate message authentication code (SAMAC). We present a security model for this notion under unforgeability against chosen message and verification query attack and construct an efficient SAMAC scheme by extending a number-theoretic MAC construction due to Dodis et al. We prove the security of our SAMAC scheme under the CDH assumption in the standard model. Our SAMAC scheme improves the lower bound with the help of the underlying algebraic structure. Performance analysis shows that our SAMAC scheme yields constant computation for the verifier as well as fixed length for one aggregate.
Metadata
- Category: Public-key cryptography
- Publication info: Published elsewhere. Unknown where it was published
- Keywords: Message authentication code, Sequential aggregate, CDH assumption
- Contact author(s): jxbin76 @ yeah net
- History: 2013-07-22: received
- Short URL: https://ia.cr/2013/444
- License: CC BY
BibTeX
@misc{cryptoeprint:2013/444,
      author = {Bin Wang and Xiaojing Hong},
      title = {Sequential message authentication code without random oracles},
      howpublished = {Cryptology {ePrint} Archive, Paper 2013/444},
      year = {2013},
      url = {https://eprint.iacr.org/2013/444}
}