Reference : Collision Attacks on AES-Based MAC: Alpha-MAC
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/15035
Collision Attacks on AES-Based MAC: Alpha-MAC
English
Biryukov, Alex
Bogdanov, Andrey [Ruhr-University, Bochum]
Khovratovich, Dmitry
Kasper, Timo [Ruhr-University, Bochum]
2007
Cryptographic Hardware and Embedded Systems - CHES 2007
Springer
166-180
Yes
International
978-3-540-74734-5
Cryptographic Hardware and Embedded Systems - CHES 2007, 9th International Workshop
September 10-13
Vienna
Austria
[en] Alpha-MAC ; message authentication codes ; MAC ; AES ; collision attack ; side-channel attack ; selective forgery
[en] Message Authentication Code construction Alred and its AES-based instance Alpha-MAC were introduced by Daemen and Rijmen in 2005. We show that under certain assumptions about its implementation (namely that keyed parts are perfectly protected against side-channel attacks but bulk hashing rounds are not) one can efficiently attack this function. We propose a side-channel collision attack on this MAC recovering its internal state just after 29 measurements in the known-message scenario which is to be compared to 40 measurements required by collision attacks on AES in the chosen-plaintext scenario. Having recovered the internal state, we mount a selective forgery attack using new 4 to 1 round collisions working with negligible memory and time complexity.
http://hdl.handle.net/10993/15035
http://www.springerlink.com/content/r241n19657h68rm3/
Lecture Notes in Computer Science (Lect Notes Comput Sci), 4727; ISSN 1611-3349, 0302-9743