Constructing VIL-MACs from FIL-MACs: Message authentication under weakened assumptions

Table of Contents

Constructing VIL-MACs from FIL-MACs: Message authentication under weakened assumptions

Message Authentication Codes

Security goal: unforgeability [GMR,BKR]

Constructions of MAC algorithms

FIL vs. VIL primitives

Existing algorithms and their security assumptions

Our goal:

Benefits of weaker assumptions:

Our results

Recall: MD construct

NI[f] construction

Towards security analysis of NI[f]:

NI[f] Construction preserves unforgeability (proof sketch)

NI[f] instantiation

CBC-MAC does not preserve unforgeability

CBC-MAC does not preserve unforgeability

3-round Feistel (FST³[f]) construction

Feistel does not preserve unforgeability

Main ideas (of attack):

Summary and the URL of our paper

Email: jeehea@cs.ucsd.edu

Home Page: http://www-cse.ucsd.edu/~jeehea

Other information:
Slides used in presentation at Crypto'99 by Jee Hea An