International Journal of Information Security

, Volume 12, Issue 6, pp 495–504 | Cite as

Aggregate message authentication codes (AMACs) with on-the-fly verification

  • Yu-Shian ChenEmail author
  • Chin-Laung Lei
Regular Contribution


Aggregate message authentication codes (AMACs) merge multiple authenticators for multiple receivers in multicast networks. We investigate this security notion, revise the definition, derive the lower bound, and present a generic construction through Bloom filters. Different from former research, we especially focus on the new property of AMACs: on-the-fly verification, which means that given the aggregated tag, each single message can be verified without obtaining other messages, i.e., the time for verifying a single message takes time complexity \(\mathcal{O }(1)\), compared to regular MAC schemes. We derive the security lower bound of such type of AMACs and present a generic approach to build them from essentially any standard MAC scheme by Bloom filter technique. Moreover, we achieve the theoretical lower bound on security strength by adopting optimal compressed Bloom filters.


Authentication Aggregation Bloom filters Broadcast authentication Merkle tree 


  1. 1.
    Boneh, D., Durfee, G., Franklin, M.K.: Lower bounds for multicast message authentication. In: EUROCRYPT, LNCS, vol. 2045, pp. 437–452. Springer, Heidelberg (2001)Google Scholar
  2. 2.
    Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: EUROCRYPT, LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003)Google Scholar
  3. 3.
    Canetti, R., Garay, J., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Multicast security: a taxonomy and some efficient constructions. In: INFOCOM, vol. 2, pp. 708–716. IEEE Press, New York (1999)Google Scholar
  4. 4.
    Chan, A.F., Castelluccia, C.: On the (im)possibility of aggregate message authentication codes. In: IEEE International Symposium on Information Theory, 2008. ISIT 2008. pp. 235–239 (2008)Google Scholar
  5. 5.
    Chan, H., Perrig, A.: Round-efficient broadcast authentication protocols for fixed topology classes. In: IEEE Symposium on Security and Privacy, pp. 257–272. IEEE Computer Society (2010)Google Scholar
  6. 6.
    Chan, H., Perrig, A., Song, D.: Secure hierarchical in-network aggregation in sensor networks. In: CCS ’06: Proceedings of the 13th ACM conference on Computer and communications security, pp. 278–287. ACM, New York, NY, USA (2006)Google Scholar
  7. 7.
    Chen, Y.S., Lin, I.L., Lei, C.L., Liao, Y.H.: Broadcast authentication in sensor networks using compressed bloom filters. In: DCOSS, pp. 99–111. Springer, Berlin (2008)Google Scholar
  8. 8.
    Eikemeier, O., Fischlin, M., Götzmann, J.F., Lehmann, A., Schröder, D., Schröder, P., Wagner, D.: History-free aggregate message authentication codes. In: Garay, J.A., Prisco, R.D. (eds.) SCN, vol. 6280, pp. 309–328. Springer (2010)Google Scholar
  9. 9.
    Katz, J., Lindell, A.Y.: Aggregate message authentication codes. In: CT-RSA, LNCS, vol. 4964, pp. 155–169. Springer, Heidelberg (2008)Google Scholar
  10. 10.
    Maurer, U.M.: A unified and generalized treatment of authentication theory. In: Proceedings 13th Symposium on Theoretical Aspects of Computer Science (STACS 1996), LNCS, pp. 387–398. Springer-Verlag (1996)Google Scholar
  11. 11.
    Maurer, U.M.: Authentication theory and hypothesis testing. IEEE Trans. Inf. Theory 46(4), 1350–1356 (2000)CrossRefzbMATHGoogle Scholar
  12. 12.
    Mitzenmacher, M.: Compressed bloom filters. IEEE/ACM Trans. Netw. 10(5), 604–612 (2002)CrossRefGoogle Scholar
  13. 13.
    Perrig, A., Canetti, R., Song, D., Tygar, J.: Efficient and secure source authentication for multicast. In: Network and Distributed System Security Symposium, NDSS, vol. 1, pp. 35–46 (2001)Google Scholar
  14. 14.
    Perrig, A., Canetti, R., Tygar, J.D., Song, D.: The TESLA broadcast authentication protocol. RSA CryptoBytes 5(2), 2–13 (2002) Google Scholar
  15. 15.
    Perrig, A., Szewczyk, R., Wen, V., Culler, D., Tygar, J.D.: SPINS: security protocols for sensor networks. In: MobiCom ’01: Proceedings of the 7th annual international conference on Mobile computing and networking, pp. 189–199. ACM, New York, NY, USA (2001)Google Scholar
  16. 16.
    Rosenbaum, U.: A lower bound on authentication after having observed a sequence of messages. J. Cryptol. 6(3), 135–156 (1993)MathSciNetCrossRefzbMATHGoogle Scholar
  17. 17.
    Simmons, G.J.: Authentication theory/coding theory. In: Proceedings of CRYPTO 84 on Advances in Cryptology, pp. 411–431. Springer-Verlag New York, Inc., New York, NY, USA (1985)Google Scholar
  18. 18.
    Smeets, B.J.M.: Bounds on the probability of deception in multiple authentication. IEEE Trans. Inf. Theory 40(5), 1586 (1994)MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    Walker, M.: Information-theoretic bounds for authentication schemes. J. Cryptol. 2(3), 131–144 (1990)CrossRefzbMATHGoogle Scholar
  20. 20.
    Ye, F., Luo, H., Lu, S., Zhang, L.: Statistical en-route filtering of injected false data in sensor networks. In: INFOCOM, pp. 2446–2457. IEEE (2004)Google Scholar
  21. 21.
    Znaidi, W., Minier, M., Lauradoux, C.: Aggregated authentication (AMAC) using universal hash functions. In: SecureComm ’09, pp. 248–252 (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. 1.Department of Electrical EngineeringNational Taiwan UniversityTaipeiTaiwan

Personalised recommendations