Paper 2019/1347
Variable Tag Length Message Authentication Code Schemes
Sebati Ghosh and Palash Sarkar
Abstract
This work studies message authentication code (MAC) schemes supporting variable tag lengths. We provide a formalisation of such a scheme. Several variants of the classical Wegman-Carter MAC scheme are considered. Most of these are shown to be insecure by pointing out detailed attacks. One of these schemes is highlighted and proved to be secure. We further build on this scheme to obtain single-key nonce-based variable tag length MAC schemes utilising either a stream cipher or a short-output pseudo-random function. These schemes can be efficiently instantiated using practical well known primitives. We further consider the problem of building variable tag length MAC schemes without nonces. Again, efficient constructions of such schemes are described along with their proofs of security.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- MACvariable tag lengthWegman-Cartersecurity bound
- Contact author(s)
-
sebati1987 @ gmail com
palash @ isical ac in - History
- 2020-05-15: last of 2 revisions
- 2019-11-22: received
- See all versions
- Short URL
- https://ia.cr/2019/1347
- License
-
CC BY