UMAC: Fast and Secure Message Authentication

Part of the Lecture Notes in Computer Science book series (LNCS, volume 1666)

Abstract

We describe a message authentication algorithm, UMAC, which can authenticate messages (in software, on contemporary machines) roughly an order of magnitude faster than current practice (e.g., HMAC-SHA1), and about twice as fast as times previously reported for the universal hash-function family MMH. To achieve such speeds, UMAC uses a new universal hash-function family, NH, and a design which allows effective exploitation of SIMD parallelism. The “cryptographic” work of UMAC is done using standard primitives of the user’s choice, such as a block cipher or cryptographic hash function; no new heuristic primitives are developed here. Instead, the security of UMAC is rigorously proven, in the sense of giving exact and quantitatively strong results which demonstrate an inability to forge UMAC-authenticated messages assuming an inability to break the underlying cryptographic primitive. Unlike conventional, inherently serial MACs, UMAC is parallelizable, and will have ever-faster implementation speeds as machines offer up increasing amounts of parallelism. We envision UMAC as a practical algorithm for next-generation message authentication.

Keywords

  • Hash Function
  • Block Cipher
  • Collision Probability
  • Message Authentication Code
  • Message Authentication

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© 1999 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Black, J., Halevi, S., Krawczyk, H., Krovetz, T., Rogaway, P. (1999). UMAC: Fast and Secure Message Authentication. In: Wiener, M. (eds) Advances in Cryptology — CRYPTO’ 99. CRYPTO 1999. Lecture Notes in Computer Science, vol 1666. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48405-1_14

  • DOI: https://doi.org/10.1007/3-540-48405-1_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-66347-8

  • Online ISBN: 978-3-540-48405-9

  • eBook Packages: Springer Book Archive