Key recovery attacks on the RMAC, TMAC, and IACBC

Jaechul Sung, Deukjo Hong, Sangjin Lee

Research output: Contribution to journalConference article

7 Citations (Scopus)

Abstract

The RMAC[6] is a variant of CBC-MAC, which resists birthday attacks and gives provably full security. The RMAC uses 2k-bit keys and the size of the RMAC is 2n, where n is the size of underlying block cipher. The TMAC[10] is the improved MAC scheme of XCBC[4] such that it requires (k +n)-bit keys while the XCBC requires (k +2n)-bit keys. In this paper, we introduce trivial key recovery attack on the RMAC with about 2n computations, which is more realistic than the attacks in [9]. Also we give a new attack on the TMAC using about 2 n/2+1 texts, which can recover an (k + n)-bit key. However this attack can not be applied to the XCBC. Furthermore we analyzed the IACBC mode[8], which gives confidentiality and message integrity.

Original languageEnglish
Pages (from-to)265-273
Number of pages9
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2727 LNCS
DOIs
Publication statusPublished - 2003
Event8th Australasian Conference on Information Security and Privacy, ACISP 2003 - Wollongong, NSW, Australia
Duration: 2003 Jul 92003 Jul 11

Keywords

  • CBC-MAC
  • IACBC
  • Key recovery attacks
  • Message authentication codes
  • Modes of operation
  • RMAC
  • TMAC
  • XCBC

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Key recovery attacks on the RMAC, TMAC, and IACBC'. Together they form a unique fingerprint.

  • Cite this