On the security margin of MAC striping

Thomas Eisenbarth, Aaron Meyerowitz, Rainer Steinwandt

Abstract

MAC striping intermixes a payload with its authentication tag, placing the bits used for message authentication in positions derived from a secret key. The use of MAC striping has been suggested to authenticate encrypted payloads using short tags. For an idealized MAC scheme, the probability of a selective forgery has been estimated as , when utilizing MAC striping with ℓ-bit payloads and m-bit tags. We show that this estimate is too optimistic. For and any payload, we achieve a selective forgery with probability , and usually many orders of magnitude more than that.
OriginalspracheEnglisch
ZeitschriftInformation Processing Letters
Jahrgang115
Ausgabenummer11
Seiten (von - bis)899-902
Seitenumfang4
ISSN0020-0190
DOIs
PublikationsstatusVeröffentlicht - 11.2015

Fingerprint

Untersuchen Sie die Forschungsthemen von „On the security margin of MAC striping“. Zusammen bilden sie einen einzigartigen Fingerprint.

Zitieren