Analysis of RMAC

    Research output: Chapter in Book/Report/Conference proceeding; Article in proceedings; Research; peer-review

    Abstract

    In this paper the newly proposed RMAC system is analysed. The scheme allows a (traditional MAC) attacker some control over one of two keys of the underlying block cipher and makes it possible to mount several related-key attacks on RMAC. First, an efficient attack on RMAC when used with triple-DES is presented, which also relies on other findings in the proposed draft standard. Second, a generic attack on RMAC is presented which can be used to find one of the two keys in the system faster than by an exhaustive search. Third, related-key attacks on RMAC in a multi-user setting are presented. In addition to beating the claimed security bounds in NIST's RMAC proposal, this work suggests that, as a general principle, one may wish to avoid designing modes of operation that use related keys.
    Original language: English
    Title of host publication: Fast Software Encryption
    Place of Publication: Berlin Heidelberg
    Publisher: Springer
    Publication date: 2003
    Edition: 2887
    Pages: 182-191
    ISBN (Print): 978-3-540-20449-7
    Publication status: Published - 2003
    Event: 10th International Workshop on Fast Software Encryption - Lund, Sweden
    Duration: 24 Feb 2003 to 26 Feb 2003
    Conference number: 10
    http://www.informatik.uni-trier.de/~ley/db/conf/fse/fse2003.html

    Conference

    Conference: 10th International Workshop on Fast Software Encryption
    Number: 10
    Country: Sweden
    City: Lund
    Period: 24/02/2003 to 26/02/2003
    Series: Lecture Notes in Computer Science
    ISSN: 0302-9743
