ブロック暗号における秘密鍵の平文ブロックのマスクについて : 2-key XCBCによるMAC生成スキームの安全性

Presentation	2002/7/12 Risks for Raw-key Masking : the Security of 2-key XCBC MAC-generation scheme Soichi FURUYA, Kouichi SAKURAI,
PDF Download Page	PDF download Page Link
Abstract(in Japanese)	(See Japanese page)
Abstract(in English)	Two-key XCBC proposed by Moriai and Imai is a CBCMAC-based method to generate a message authentication code. This method is optimal from several aspects, the number of PRP invocations, key setups, and key materials. This mode is alsp proven the security as a MAC. In this paper, we discuss how masking a secret key for a plaintext block effects to its security. Concerning that the PRP is limited to the special permutations, we show the two-key XCBC is forgeable if one uses Even-Mansour constructions. In case of using DESX construction for two-key XCBC, the necessary complexity to attack the scheme is below that what is proven for DESX. We also study the security of AES and Camellia when they are used in two-key XCBC mode from another aspect, rather than the context of the provable security.
Keyword(in Japanese)	(See Japanese page)
Keyword(in English)	Block cipher / mode of operation / provable security / XCBC / AES
Paper #	ISEC2002-40
Date of Issue

Paper Information
Registration To	Information Security (ISEC)
Language	JPN
Title (in Japanese)	(See Japanese page)
Sub Title (in Japanese)	(See Japanese page)
Title (in English)	Risks for Raw-key Masking : the Security of 2-key XCBC MAC-generation scheme
Sub Title (in English)
Keyword(1)	Block cipher
Keyword(2)	mode of operation
Keyword(3)	provable security
Keyword(4)	XCBC
Keyword(5)	AES
1st Author's Name	Soichi FURUYA
1st Author's Affiliation	Hitachi, Systems Development Laboratory()
2nd Author's Name	Kouichi SAKURAI
2nd Author's Affiliation	Dept. of OSCE., Kyushu University
Date	2002/7/12
Paper #	ISEC2002-40
Volume (vol)	vol.102
Number (no)	212
Page	pp.pp.-
#Pages	8
Date of Issue