Abstract
The standardized integrity algorithm f9 of the 3GPP algorithm computes a MAC (Message Authentication Code) to establish the integrity and the data origin of the signalling data over a radio access link of W-CDMA IMT-2000. The function f9 is based on the block cipher KASUMI and it can be considered as a variant of CBC-MAC. In this paper we examine the provable security of f9. We prove that f9 is a secure pseudorandom function by giving a concrete bound on an adversary’s inability to forge a MAC value in terms of her inability to distinguish the underlying block cipher from a random permutation.
Keywords
References
Bellare, M., Kilian, J., Rogaway, P.: The security of cipher block chaining. In: CRYPTO 1994. LNCS, vol. 839, pp. 341–358. Springer, Heidelberg (1994), http://wwwcse.ucsd.edu/users/mihir/
Berendschot, A., et al.: Integrity Primitives for Secure Information Systems. Final Report of RACE Integrity Primitives Evaluation (RIPE-RACE 1040). LNCS, vol. 1007. Springer, Heidelberg (1995)
Black, J., Rogaway, P.: CBC-MACs for arbitrary-length messages: the three-key constructions. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 197–215. Springer, Heidelberg (2000)
Black, J., Rogaway, P.: A Block-Cipher Mode of Operation for Parallelizable it Message Authentication. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 384–397. Springer, Heidelberg (2002)
Carter, L., Wegman, M.: Universal hash functions. J. of Computer and System Sciences 18, 143–154 (1979)
Gligor, V., Donescu, P.: Fast encryption and authentication: XCBC encryption and XECB authentication modes, Contribution to NIST, April 20 (2001), Available at http://csrc.nist.gov/encryption/modes/
Jaulmes, É., Joux, A., Valette, F.: On the security of Randomized CBC-MAC Beyond the Birthday Paradox Limit: A New Construction. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 237–251. Springer, Heidelberg (2002)
Kurosawa, K., Iwata, T.: TMAC: Two-Key CBC-MAC, Contribution to NIST, June 21 (2002), Available at http://csrc.nist.gov/encryption/modes/
Kang, J., Shin, S., Hong, D., Yi, O.: Provable security of KASUMI and 3GPP encryption mode f8. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 255–271. Springer, Heidelberg (2001)
Kang, J., Yi, O., Hong, D., Cho, H.: Pseudorandomness of MISTY-type transformations and the block cipher KASUMI. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 60–73. Springer, Heidelberg (2001)
Knudsen, L.R., Mitchell, C.J.: Analysis of 3gpp-MAC and two-key 3gpp-MAC. Discrete Applied Mathematics (to appear)
Knudsen, L.: Analysis of RMAC, Contribution to NIST, November 10 (2002), Available at http://csrc.nist.gov/CryptoToolkit/modes/comments/
Kohno, T.: Related-Key and Key-Collision Attacks Against RMAC, Contribution to NIST (2002), Available at http://csrc.nist.gov/CryptoToolkit/modes/comments/
Lloyd, J.: An Analysis of RMAC, Contribution to NIST, November 18 (2002), Available at http://csrc.nist.gov/CryptoToolkit/modes/comments/
Luby, M., Rackoff, C.: How to construct pseudorandom permutations and pseudorandom functions, SIAM J. SIAM J. Comput. 17, 189–203 (1988)
Petrank, E., Rackoff, C.: CBC-MAC for Real-Time Data Source. J. of Cryptology 13, 315–338 (2000)
Preneel, B., van Oorschot, P.C.: MDx-MAC and building fast MACs from hash functions. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 1–14. Springer, Heidelberg (1995)
Rogaway, P.: PMAC: A parallelizable message authentication code, Contribution to NIST, April 17 (2001), Available at http://csrc.nist.gov/encryption/modes/
Rogaway, P.: Comments on NIST’s RMAC Proposal, Contribution to NIST, December 2 (2002), Available at http://csrc.nist.gov/CryptoToolkit/modes/comments/
Wegman, M., Carter, L.: New hash functions and their use in authentication and set equality. J. of Computer and System Sciences 22, 265–279 (1981)
3GPP TR 33.909, Report on the evaluation of 3GPP standard confidentiality and integrity algorithms, V1.0.0, 2002-12
3GPP TS 35.201 Specification of the 3GPP confidentiality and integrity algorithm; Document 1: f8 and f9 specifications
ISO/IEC 9797-1:1999(E) Information technology - Security techniques - Message Authentication Codes(MACs) - Part 1
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hong, D., Kang, JS., Preneel, B., Ryu, H. (2003). A Concrete Security Analysis for 3GPP-MAC. In: Johansson, T. (eds) Fast Software Encryption. FSE 2003. Lecture Notes in Computer Science, vol 2887. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39887-5_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-39887-5_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20449-7
Online ISBN: 978-3-540-39887-5
eBook Packages: Springer Book Archive