On the security margin of MAC striping

Thomas Eisenbarth; Aaron  Meyerowitz; Rainer  Steinwandt

doi:10.1016/j.ipl.2015.05.009

On the security margin of MAC striping

Thomas Eisenbarth, Aaron Meyerowitz, Rainer Steinwandt

Institut für IT-Sicherheit

Florida Atlantic University

1 Zitat (Scopus)

Abstract

MAC striping intermixes a payload with its authentication tag, placing the bits used for message authentication in positions derived from a secret key. The use of MAC striping has been suggested to authenticate encrypted payloads using short tags. For an idealized MAC scheme, the probability of a selective forgery has been estimated as , when utilizing MAC striping with ℓ-bit payloads and m-bit tags. We show that this estimate is too optimistic. For and any payload, we achieve a selective forgery with probability , and usually many orders of magnitude more than that.

Originalsprache	Englisch
Zeitschrift	Information Processing Letters
Jahrgang	115
Ausgabenummer	11
Seiten (von - bis)	899-902
Seitenumfang	4
ISSN	0020-0190
DOIs	https://doi.org/10.1016/j.ipl.2015.05.009
Publikationsstatus	Veröffentlicht - 11.2015

UN SDGs

Dieser Output leistet einen Beitrag zu folgendem(n) Ziel(en) für nachhaltige Entwicklung

SDG 9 – Industrie, Innovation und Infrastruktur
SDG 11 – Nachhaltige Städte und Gemeinschaften
SDG 12 – Verantwortungsvoller Konsum und Produktion

Dokumente

10.1016/j.ipl.2015.05.009

https://dl.acm.org/citation.cfm?id=2824242.2824481

Zitieren

@article{2ae16bafcf014d3da0d731d8a518070b,

title = "On the security margin of MAC striping",

abstract = "MAC striping intermixes a payload with its authentication tag, placing the bits used for message authentication in positions derived from a secret key. The use of MAC striping has been suggested to authenticate encrypted payloads using short tags. For an idealized MAC scheme, the probability of a selective forgery has been estimated as , when utilizing MAC striping with ℓ-bit payloads and m-bit tags. We show that this estimate is too optimistic. For and any payload, we achieve a selective forgery with probability , and usually many orders of magnitude more than that.",

author = "Thomas Eisenbarth and Aaron Meyerowitz and Rainer Steinwandt",

year = "2015",

month = nov,

doi = "10.1016/j.ipl.2015.05.009",

language = "English",

volume = "115",

pages = "899--902",

journal = "Information Processing Letters",

issn = "0020-0190",

publisher = "Elsevier B.V.",

number = "11",

}

TY - JOUR

T1 - On the security margin of MAC striping

AU - Eisenbarth, Thomas

AU - Meyerowitz, Aaron

AU - Steinwandt, Rainer

PY - 2015/11

Y1 - 2015/11

N2 - MAC striping intermixes a payload with its authentication tag, placing the bits used for message authentication in positions derived from a secret key. The use of MAC striping has been suggested to authenticate encrypted payloads using short tags. For an idealized MAC scheme, the probability of a selective forgery has been estimated as , when utilizing MAC striping with ℓ-bit payloads and m-bit tags. We show that this estimate is too optimistic. For and any payload, we achieve a selective forgery with probability , and usually many orders of magnitude more than that.

AB - MAC striping intermixes a payload with its authentication tag, placing the bits used for message authentication in positions derived from a secret key. The use of MAC striping has been suggested to authenticate encrypted payloads using short tags. For an idealized MAC scheme, the probability of a selective forgery has been estimated as , when utilizing MAC striping with ℓ-bit payloads and m-bit tags. We show that this estimate is too optimistic. For and any payload, we achieve a selective forgery with probability , and usually many orders of magnitude more than that.

U2 - 10.1016/j.ipl.2015.05.009

DO - 10.1016/j.ipl.2015.05.009

M3 - Journal articles

SN - 0020-0190

VL - 115

SP - 899

EP - 902

JO - Information Processing Letters

JF - Information Processing Letters

IS - 11

ER -

On the security margin of MAC striping

Abstract

UN SDGs

Dokumente

Fingerprint

Zitieren