Message Authentication Codes and Differential Attack
Summary :
We discuss the security of Message Authentication Code (MAC) schemes from the viewpoint of differential attack, and propose an attack that is effective against DES-MAC and FEAL-MAC. The attack derives the secret authentication key in the chosen plaintext scenario. For example, DES(8-round)-MAC can be broken with 234 pairs of plaintext, while FEAL8-MAC can be broken with 222 pairs. The proposed attack is applicable to any MAC scheme, even if the 32-bits are randomly selected from among the 64-bits of ciphertext generated by a cryptosystem vulnerable to differential attack in the chosen plaintext scenario.
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E77-A No.1 pp.8-14
- Publication Date
- 1994/01/25
- Publicized
- Online ISSN
- DOI
- Type of Manuscript
- Special Section PAPER (Special Section on Cryptography and Information Security)
- Category
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Kazuo OHTA, Mitsuru MATSUI, "Message Authentication Codes and Differential Attack" in IEICE TRANSACTIONS on Fundamentals,
vol. E77-A, no. 1, pp. 8-14, January 1994, doi: .
Abstract: We discuss the security of Message Authentication Code (MAC) schemes from the viewpoint of differential attack, and propose an attack that is effective against DES-MAC and FEAL-MAC. The attack derives the secret authentication key in the chosen plaintext scenario. For example, DES(8-round)-MAC can be broken with 234 pairs of plaintext, while FEAL8-MAC can be broken with 222 pairs. The proposed attack is applicable to any MAC scheme, even if the 32-bits are randomly selected from among the 64-bits of ciphertext generated by a cryptosystem vulnerable to differential attack in the chosen plaintext scenario.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/e77-a_1_8/_p
Copy
@ARTICLE{e77-a_1_8,
author={Kazuo OHTA, Mitsuru MATSUI, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Message Authentication Codes and Differential Attack},
year={1994},
volume={E77-A},
number={1},
pages={8-14},
abstract={We discuss the security of Message Authentication Code (MAC) schemes from the viewpoint of differential attack, and propose an attack that is effective against DES-MAC and FEAL-MAC. The attack derives the secret authentication key in the chosen plaintext scenario. For example, DES(8-round)-MAC can be broken with 234 pairs of plaintext, while FEAL8-MAC can be broken with 222 pairs. The proposed attack is applicable to any MAC scheme, even if the 32-bits are randomly selected from among the 64-bits of ciphertext generated by a cryptosystem vulnerable to differential attack in the chosen plaintext scenario.},
keywords={},
doi={},
ISSN={},
month={January},}
Copy
TY - JOUR
TI - Message Authentication Codes and Differential Attack
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 8
EP - 14
AU - Kazuo OHTA
AU - Mitsuru MATSUI
PY - 1994
DO -
JO - IEICE TRANSACTIONS on Fundamentals
SN -
VL - E77-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 1994
AB - We discuss the security of Message Authentication Code (MAC) schemes from the viewpoint of differential attack, and propose an attack that is effective against DES-MAC and FEAL-MAC. The attack derives the secret authentication key in the chosen plaintext scenario. For example, DES(8-round)-MAC can be broken with 234 pairs of plaintext, while FEAL8-MAC can be broken with 222 pairs. The proposed attack is applicable to any MAC scheme, even if the 32-bits are randomly selected from among the 64-bits of ciphertext generated by a cryptosystem vulnerable to differential attack in the chosen plaintext scenario.
ER -
English
