Cryptology ePrint Archive: Report 2019/1347

Variable Tag Length Message Authentication Code Schemes

Sebati Ghosh and Palash Sarkar

Abstract: This work studies message authentication code (MAC) schemes supporting variable tag lengths. We provide a formalisation of such a scheme. Several variants of the classical Wegman-Carter MAC scheme are considered. Most of these are shown to be insecure by pointing out detailed attacks. One of these schemes is highlighted and proved to be secure. We further build on this scheme to obtain single-key nonce-based variable tag length MAC schemes utilising either a stream cipher or a short-output pseudo-random function. These schemes can be efficiently instantiated using practical well known primitives. We further consider the problem of building variable tag length MAC schemes without nonces. Again, efficient constructions of such schemes are described along with their proofs of security.

Category / Keywords: secret-key cryptography / MAC, variable tag length, Wegman-Carter, security bound

Date: received 22 Nov 2019

Contact author: sebati1987 at gmail com, palash@isical ac in

Available format(s): PDF | BibTeX Citation

Version: 20191122:183041 (All versions of this report)

Short URL: ia.cr/2019/1347


[ Cryptology ePrint archive ]