On the Security of Iterated Message Authentication Codes

  title={On the Security of Iterated Message Authentication Codes},
  author={Bart Preneel and Paul C. van Oorschot},
  journal={IEEE Trans. Information Theory},
The security of iterated message authentication code (MAC) algorithms is considered, and in particular those constructed from unkeyed hash functions. A new MAC forgery attack applicable to all deterministic iterated MAC algorithms is presented, which requires on the order of 2n=2 known text-MAC pairs for algorithms with n bits of internal memory, as compared to the best previous general attack which required exhaustive key search. A related key recovery attack is also given which applies to a… CONTINUE READING