2009 | OriginalPaper | Book chapter
New Birthday Attacks on Some MACs Based on Block Ciphers
Written by: Zheng Yuan, Wei Wang, Keting Jia, Guangwu Xu, Xiaoyun Wang
Published in: Advances in Cryptology - CRYPTO 2009
Publisher: Springer Berlin Heidelberg
This paper develops several new techniques of cryptanalyzing MACs based on block ciphers, and is divided into two parts.
The first part presents new distinguishers of the MAC construction Alred and its specific instance Alpha-MAC based on AES. For the Alred construction, we first describe a general distinguishing attack which leads to a forgery attack directly with the complexity of the birthday attack. A 2-round collision differential path of Alpha-MAC is adopted to construct a new distinguisher with about $2^{65.5}$ chosen messages and $2^{65.5}$ queries. One of the most important results is to use this new distinguisher to recover the internal state, which is an equivalent subkey of Alpha-MAC. Moreover, our distinguisher on Alred construction can be applied to the MACs based on CBC and CFB encryption modes.
The second part describes the first impossible differential attack on MACs - Pelican, MT-MAC-AES and PC-MAC-AES. Using the birthday attack, enough message pairs that produce the inner near-collision with some specific differences are detected, then the impossible differential attack on 4-round AES to the above mentioned MACs is performed. For Pelican, our attack recovers its internal state, which is an equivalent subkey. For MT-MAC-AES, the attack turns out to be a subkey recovery attack directly. The complexity of the two attacks is $2^{85.5}$ chosen messages and $2^{85.5}$ queries. For PC-MAC-AES, we recover its 256-bit key with $2^{85.5}$ chosen messages and $2^{128}$ queries.