On the Unprovable Security of 2-Key XCBC

Wang, Peng; Feng, Dengguo; Wu, Wenling; Zhang, Liting

doi:10.1007/978-3-540-70500-0_17

Peng Wang¹,
Dengguo Feng²,
Wenling Wu² &
…
Liting Zhang²

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5107))

Included in the following conference series:

Australasian Conference on Information Security and Privacy

1051 Accesses
3 Citations

Abstract

There has been extensive research focusing on improving CBC-MAC to operate on variable length messages with less keys and less blockcipher invocations. After Black and Rogaway’s XCBC, Moriai and Imai proposed 2-Key XCBC, which replaced the third key of XCBC with its first key. Moriai and Imai “proved” that 2-Key XCBC is secure if the underling blockcipher is a pseudorandom permutation (PRP). Our research shows that it is not the case. The security of 2-Key XCBC can not be proved under the solo assumption of PRP, even if it is a RPR-RK secure against some related-key attack. We construct a special PRP (PRP-RK) to show that the main lemma in [14] is not true and 2-Key XCBC using this PRP (PRP-RK) is totally insecure.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Bellare, M., Kilian, J., Rogaway, P.: The security of cipher block chaining. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 341–358. Springer, Heidelberg (1994)
Google Scholar
Bellare, M., Kohno, T.: A theoretical treatment of related-key attacks: RKA-PRPs, RKA-PRFs, and applications. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 491–506. Springer, Heidelberg (2003)
Chapter Google Scholar
Black, J.: The ideal-cipher model, revisited: An uninstantiable blockcipher-based hash function. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 328–340. Springer, Heidelberg (2006)
Chapter Google Scholar
Black, J., Rogaway, P.: CBC MACs for arbitrary-length messages: The three-key constructions. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 197–215. Springer, Heidelberg (2000)
Chapter Google Scholar
Black, J., Rogaway, P., Shrimpton, T.: Encryption-scheme security in the presence of key-dependent messages. In: Nyberg, K., Heys, H. (eds.) SAC 2002. LNCS, vol. 2595, pp. 62–75. Springer, Heidelberg (2003)
Chapter Google Scholar
Bosselaers, A., Preneel, B. (eds.): RIPE 1992. LNCS, vol. 1007. Springer, Heidelberg (1995)
Google Scholar
Dworkin, M.: Recommendation for block cipher modes of operation: The CMAC mode for authentication. NIST Special Publication 800-38B (2005), http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
FIPS-133. Federal information processing standards publication (FIPS 133). computer data authentication (1985)
Google Scholar
Furuya, S., Sakurai, K.: Risks with raw-key maksing - the security evaluations of 2-Key XCBC. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 327–341. Springer, Heidelberg (2002)
Chapter Google Scholar
Iwata, T., Kurosawa, K.: OMAC: One-key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003)
Google Scholar
Iwata, T., Kurosawa, K.: On the correctness of security proofs for the 3GPP confidentiality and integrity algorithms. In: Paterson, K.G. (ed.) Cryptography and Coding 2003. LNCS, vol. 2898, pp. 306–318. Springer, Heidelberg (2003)
Google Scholar
Iwata, T., Kurosawa, K.: On the security of a new variant of OMAC. In: Lim, J., Lee, D. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 67–78. Springer, Heidelberg (2004)
Google Scholar
Kurosawa, K., Iwata, T.: TMAC: Two-key CBC MAC. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 33–49. Springer, Heidelberg (2003)
Chapter Google Scholar
Moriai, S., Imai, H.: 2-Key XCBC: the CBC MAC for arbitrary-length messages by the two-key construction. In: The 2002 Symposium on Cryptography and Information Security, SCIS (2002) (in Japanese)
Google Scholar
Petrank, E., Rackoff, C.: CBC MAC for real-time data sources. Journal of Cryptology 13(3), 315–338 (2000)
Article MATH MathSciNet Google Scholar

Download references

Author information

Authors and Affiliations

State Key Laboratory of Information Security, Graduate University of Chinese Academy of Sciences, Beijing, 100049, China
Peng Wang
State Key Laboratory of Information Security, Institution of Software of Chinese Academy of Sciences, Beijing, 100080, China
Dengguo Feng, Wenling Wu & Liting Zhang

Authors

Peng Wang
View author publications
You can also search for this author in PubMed Google Scholar
Dengguo Feng
View author publications
You can also search for this author in PubMed Google Scholar
Wenling Wu
View author publications
You can also search for this author in PubMed Google Scholar
Liting Zhang
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Yi Mu Willy Susilo Jennifer Seberry

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Wang, P., Feng, D., Wu, W., Zhang, L. (2008). On the Unprovable Security of 2-Key XCBC. In: Mu, Y., Susilo, W., Seberry, J. (eds) Information Security and Privacy. ACISP 2008. Lecture Notes in Computer Science, vol 5107. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-70500-0_17

Download citation

DOI: https://doi.org/10.1007/978-3-540-70500-0_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69971-2
Online ISBN: 978-3-540-70500-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics