New Birthday Attacks on Some MACs Based on Block Ciphers

  • Zheng Yuan
  • Wei Wang
  • Keting Jia
  • Guangwu Xu
  • Xiaoyun Wang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5677)

Abstract

This paper develops several new techniques of cryptanalyzing MACs based on block ciphers, and is divided into two parts.

The first part presents new distinguishers of the MAC construction Alred and its specific instance Alpha-MAC based on AES. For the Alred construction, we first describe a general distinguishing attack which leads to a forgery attack directly with the complexity of the birthday attack. A 2-round collision differential path of Alpha-MAC is adopted to construct a new distinguisher with about $2^{65.5}$ chosen messages and $2^{65.5}$ queries. One of the most important results is to use this new distinguisher to recover the internal state, which is an equivalent subkey of Alpha-MAC. Moreover, our distinguisher on Alred construction can be applied to the MACs based on CBC and CFB encryption modes.

The second part describes the first impossible differential attack on MACs-Pelican, MT-MAC-AES and PC-MAC-AES. Using the birthday attack, enough message pairs that produce the inner near-collision with some specific differences are detected, then the impossible differential attack on 4-round AES to the above mentioned MACs is performed. For Pelican, our attack recovers its internal state, which is an equivalent subkey. For MT-MAC-AES, the attack turns out to be a subkey recovery attack directly. The complexity of the two attacks is $2^{85.5}$ chosen messages and $2^{85.5}$ queries. For PC-MAC-AES, we recover its 256-bit key with $2^{85.5}$ chosen messages and $2^{128}$ queries.
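The birthday-bound forgery that the abstract takes as its baseline can be seen at toy scale in the following added example, which is not code from the paper: it runs the classic internal-collision forgery against a CBC-style MAC with a final encryption, not the paper's Alred or Alpha-MAC distinguishers. The 16-bit Feistel cipher, the key strings and all function names are assumptions made for illustration; with an n-bit chaining state a collision appears after roughly 2^(n/2) tags, which is why tags issued per key must stay far below that bound.

```python
import hashlib

def toy_cipher(key: bytes, x: int) -> int:
    """4-round Feistel permutation on 16 bits (toy stand-in for AES)."""
    left, right = x >> 8, x & 0xFF
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd, right])).digest()[0]
        left, right = right, left ^ f
    return (left << 8) | right

def make_mac(k1: bytes, k2: bytes):
    """CBC chaining under k1, then one final encryption under k2."""
    def mac(blocks):
        state = 0
        for b in blocks:
            state = toy_cipher(k1, state ^ b)
        return toy_cipher(k2, state)
    return mac

def birthday_forgery(mac, suffix=0xBEEF, max_queries=1 << 16):
    """Oracle access only: find a tag collision, then forge one message.

    Returns (forged_message, forged_tag, queries_used) or None.
    """
    seen = {}
    for i in range(max_queries):
        # Distinct two-block messages; the second block varies so that the
        # input to the second cipher call can collide.
        msg = (i, (i * 0x9E37) & 0xFFFF)
        tag = mac(msg)
        if tag in seen:
            m1, m2 = seen[tag], msg
            # The final step is a permutation, so equal tags mean equal
            # chaining state: any common suffix keeps the tags equal.
            forged_tag = mac(m1 + (suffix,))  # one more legitimate query
            return m2 + (suffix,), forged_tag, i + 2
        seen[tag] = msg
    return None

if __name__ == "__main__":
    oracle = make_mac(b"constructed-key-1", b"constructed-key-2")
    forged_msg, forged_tag, used = birthday_forgery(oracle)
    print("forged message:", [hex(b) for b in forged_msg])
    print("tag verifies:", oracle(forged_msg) == forged_tag)
    print("queries used:", used, "(state space is 2^16)")
```

The forged three-block message is never sent to the oracle before its tag is produced, which is what makes this a forgery and not a replay.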

Keywords

  • MAC
  • Birthday attack
  • Distinguishing attack
  • Forgery attack
  • Impossible differential cryptanalysis
  • AES

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Zheng Yuan (1, 2)
  • Wei Wang (3)
  • Keting Jia (3)
  • Guangwu Xu (4)
  • Xiaoyun Wang (1, 3)

  1. Institute for Advanced Study, Tsinghua University, Beijing, China
  2. Beijing University of Posts and Telecommunications, Beijing, China
  3. Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China
  4. Department of Electrical Engineering and Computer Science, University of Wisconsin-Milwaukee, USA
