Improved security analyses for CBC MACs
We present an improved bound on the advantage of any q-query adversary at distinguishing between the CBC MAC over a random n-bit permutation and a random function outputting n bits. The result assumes that no message queried is a prefix of any other, as is the case when all messages to be MACed have...
Saved in:
| Main Authors: | , , |
|---|---|
| 格式: | Book Series |
| 出版: |
2018
|
| 主題: | |
| 在線閱讀: | https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=33745136125&origin=inward http://cmuir.cmu.ac.th/jspui/handle/6653943832/61607 |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
| 機構: | Chiang Mai University |
| 總結: | We present an improved bound on the advantage of any q-query adversary at distinguishing between the CBC MAC over a random n-bit permutation and a random function outputting n bits. The result assumes that no message queried is a prefix of any other, as is the case when all messages to be MACed have the same length: We go on to give an improved analysis of the encrypted CBC MAC, where there is no restriction on queried messages. Letting m be the block length of the longest query, our bounds are about mq2/2nfor the basic CBC MAC and m°(1)q2/2nfor the encrypted CBC MAC, improving prior bounds of m2q2/2n. The new bounds translate into improved guarantees on the probability of forging these MACs. © International Association for Cryptologic Research 2005. |
|---|