Paper 2008/516

Distinguishing and Forgery Attacks on Alred and Its AES-based Instance Alpha-MAC

Zheng Yuan, Keting Jia, Wei Wang, and Xiaoyun Wang

Abstract

In this paper, we present new distinguishers of the MAC construction \textsc{Alred} and its specific instance \textsc{Alpha}-MAC based on AES, which is proposed by Daemen and Rijmen in 2005. For the \textsc{Alred} construction, we describe a general distinguishing attack which leads to a forgery attack directly. The complexity is $2^{64.5}$ chosen messages and $2^{64.5}$ queries with success probability 0.63. We also use a two-round collision differential path for \textsc{Alpha}-MAC, to construct a new distinguisher with about $2^{65.5}$ queries. The most important is that the new distinguisher can be used to recover the internal state, which is an equivalent secret subkey, and leads to a second preimage attack. Moreover, the distinguisher on \textsc{Alred} construction is also applicable to the MACs based on CBC and CFB encryption mode.

Note: Recovery of the internal state is presented.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
Distinguishing attackForgery attack\textsc{Alred} construction\textsc{Alpha}-MACAES
Contact author(s)
xiaoyunwang @ mail tsinghua edu cn
History
2008-12-12: revised
2008-12-09: received
See all versions
Short URL
https://ia.cr/2008/516
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2008/516,
      author = {Zheng Yuan and Keting Jia and Wei Wang and Xiaoyun Wang},
      title = {Distinguishing and Forgery Attacks on Alred  and Its {AES}-based Instance Alpha-{MAC}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2008/516},
      year = {2008},
      url = {https://eprint.iacr.org/2008/516}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.