UWSpace: MAC Constructions: Security Bounds and Distinguishing Attacks

Library Home Page > UWSpace

	Home

Browse
	Communities & Collections
	Titles
	Authors
	Subjects
	By Date

Sign on to:
	Receive email updates
	My UWSpace registered users
	Edit Profile

UWSpace >
University of Waterloo >
Electronic Theses and Dissertations (UW) >

Please use this identifier to cite or link to this item: http://hdl.handle.net/10012/3058

Title:	MAC Constructions: Security Bounds and Distinguishing Attacks
Authors:	Mandal, Avradip
Keywords:	Cryptography MAC Security Distinguishing Attack
Approved Date:	18-May-2007
Date Submitted:	17-May-2007
Abstract:	We provide a simple and improved security analysis of PMAC, a Parallelizable MAC (Message Authentication Code) defined over arbitrary messages. A similar kind of result was shown by Bellare, Pietrzak and Rogaway at Crypto 2005, where they have provided an improved bound for CBC (Cipher Block Chaining) MAC, which was introduced by Bellare, Killan and Rogaway at Crypto 1994. Our analysis idea is much more simpler to understand and is borrowed from the work by Nandi for proving Indistinguishability at Indocrypt 2005 and work by Bernstein. It shows that the advantage for any distinguishing attack for n-bit PMAC based on a random function is bounded by O(σq / 2^n), where σ is the total number of blocks in all q queries made by the attacker. In the original paper by Black and Rogaway at Eurocrypt 2002 where PMAC was introduced, the bound is O(σ^2 / 2^n). We also compute the collision probability of CBC MAC for suitably chosen messages. We show that the probability is Ω( lq^2 / N) where l is the number of message blocks, N is the size of the domain and q is the total number of queries. For random oracles the probability is O(q^2 / N). This improved collision probability will help us to have an efficient distinguishing attack and MAC-forgery attack. We also show that the collision probability for PMAC is Ω(q^2 / N) (strictly greater than the birthday bound). We have used a purely combinatorial approach to obtain this bound. Similar analysis can be made for other CBC MAC extensions like XCBC, TMAC and OMAC.
Program:	Combinatorics and Optimization
Department:	Combinatorics and Optimization
Degree:	Master of Mathematics
URI:	http://hdl.handle.net/10012/3058
Appears in Collections:	Electronic Theses and Dissertations (UW) Faculty of Mathematics Theses and Dissertations

Files in This Item:

File	Description	Size	Format
ThesisD4.pdf		807.15 kB	Adobe PDF	View/Open

This item is protected by original copyright

View Licence

University of Waterloo Library
200 University Avenue West
Waterloo, Ontario, Canada N2L 3G1
519 888 4883

contact us | give us feedback | http://www.lib.uwaterloo.ca | © 2006 University of Waterloo