Dajiang Chen,Shaoquan Jiang,Zhiguang Qin

DOI: https://doi.org/10.1109/isit.2015.7282866

2015-01-01

Abstract:Message Authentication Code (MAC) is a keyed function f K such that when Alice, who shares the secret K with Bob, sends f K (M) to the latter, Bob will be assured of the integrity and authenticity of M. Traditionally, it is assumed that the channel is noiseless. Unfortunately, Maurer showed that in this case an attacker can succeed with probability equation after authenticating ∓ messages, where H(K) is the entropy of K. In this paper, we consider the setting where the channel is noisy. Specifically, Alice and Bob are connected by a discrete memoryless channel (DMC) W 1 and a noiseless but insecure channel. In addition, there is a DMC W 2 between Alice and attacker Oscar. We regard the noisy channel as an expensive resource and define the authentication rate ρ auth as the ratio of message length to the number n of channel W 1 uses. The security of this model depends on the channel coding for f K (M). A natural coding scheme is to use the secrecy capacity achieving code of Csiszár and Körner. Intuitively, this is also the optimal strategy. However, we propose a coding scheme that achieves a higher ρ auth . Our crucial point is that under a secrecy capacity code, Bob can fully recover f K (M) while in our model this is not necessary as we only need to detect the existence of the modification. How to detect the malicious modification without recovering f K (M) is the main contribution of this work. We achieve this through random coding techniques.

WANG Da-Yin,LIN Dong-Dai,WU Wen-ling,JIANG Zhong-Hua

DOI: https://doi.org/10.3969/j.issn.1002-1175.2006.02.017

2006-01-01

Abstract:Message Authentication Codes are very important tools to protect data integrity.XOR-MAC is defined by Bellare,who also gives a security analysis for it.But the security analysis they gave for XOR-MAC is complex.In this paper,we use the Game-Playing technique to give a new security analysis for XOR-MAC.We prove XOR-MAC secure,quantifying an adversary's success probability of distinguishing XOR-MAC from a purely random function in terms of the quality of the block cipher as a pseudorandom permutation.

WANG Da-yin,LIN Dong-dai,WU Wen-ling

DOI: https://doi.org/10.3321/j.issn:0372-2112.2006.10.014

2006-01-01

Abstract:The most important tool to protect data integrity is Message Authentication Code(MAC),which is widely used in many kinds of secure systems.With the development of the theory of provable security,the MACs,which have security proof,are the first choice of many people.Based on the constructions of XOR MAC and PMAC,we define a deterministic fully parallelizable block-cipher mode of operation for message authentication-DXOR MAC(Deterministic XOR MAC).We prove its security,quantifying an adversary's forgery probability in terms of the quality of the block cipher as a pseudo-random permutation.

Dayin Wang,Dongdai Lin,Wenling Wu

DOI: https://doi.org/10.1007/11937807_7

2006-01-01

Abstract:In this paper, we present One-Key Poly1305 MAC(OPMAC) and prove its security for arbitrary length message. OPMAC is deterministic and takes only one 16-byte key. Previously, Poly1305 MAC is nonce-based and requires two 16-byte keys and a 16-byte nonce, 48-byte in total.

WANG Da-Yin,LIN Dong-Dai,WU Wen-Ling

DOI: https://doi.org/10.1360/jos181756

2007-01-01

Journal of Software

Abstract:This paper defines and analyzes a fully deterministic parallelizable block-cipher mode of operation for message authentication— DPMAC (deterministic parallelizable message authentication code). DPMAC is constructed based on a 128-bit block cipher, works for strings of any bit length, and employs a single block-cipher key. Its security is proved, using the Game-Playing technique to quantify an adversary's forgery probability in terms of the quality of the block cipher as a pseudo-random permutation.

Dayin Wang,Dongdai Lin,Wenling Wu

2007-01-01

Abstract:We can view an existing Message Authentication Code (MAC) as a Carter-Wegman MAC in spite of the fact it may not have been designed as one. This will make the analysis easier than it has been when considered from other viewpoints. In this paper, we can look PMAC with two keys as a Carter-Wegman MAC and get a simple security proof for it. Using this viewpoint to look at PMAC, we will learn not only why the PMAC is such constructed, but also a new method of constructing MACs.

He Li,Vireshwar Kumar,Jung-Min Park,Yaling Yang

DOI: https://doi.org/10.48550/arXiv.2001.05211

2020-10-15

Abstract:In resource-constrained IoT networks, the use of conventional message authentication codes (MACs) to provide message authentication and integrity is not possible due to the large size of the MAC output. A straightforward yet naive solution to this problem is to employ a truncated MAC which undesirably sacrifices cryptographic strength in exchange for reduced communication overhead. In this paper, we address this problem by proposing a novel approach for message authentication called \textit{Cumulative Message Authentication Code} (CuMAC), which consists of two distinctive procedures: \textit{aggregation} and \textit{accumulation}. In aggregation, a sender generates compact authentication tags from segments of multiple MACs by using a systematic encoding procedure. In accumulation, a receiver accumulates the cryptographic strength of the underlying MAC by collecting and verifying the authentication tags. Embodied with these two procedures, CuMAC enables the receiver to achieve an advantageous trade-off between the cryptographic strength and the latency in processing of the authentication tags. Furthermore, for some latency-sensitive messages where this trade-off may be unacceptable, we propose a variant of CuMAC that we refer to as \textit{CuMAC with Speculation} (CuMAC/S). In addition to the aggregation and accumulation procedures, CuMAC/S enables the sender and receiver to employ a speculation procedure for predicting future message values and pre-computing the corresponding MAC segments. For the messages which can be reliably speculated, CuMAC/S significantly reduces the MAC verification latency without compromising the cryptographic strength. We have carried out comprehensive evaluation of CuMAC and CuMAC/S through simulation and a prototype implementation on a real car.

Cryptography and Security

Dajiang Chen,Nan Cheng,Ning Zhang,Kuan Zhang,Zhiguang Qin,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/mass.2017.70

2017-01-01

Abstract:In this paper, we investigate multi-message authentication to combat adversaries with infinite computational capacity. An authentication framework over a wiretap channel $(W_1,W_2)$ is proposed to achieve information-theoretic security with the same key. The proposed framework bridges the two research areas in physical (PHY) layer security: secure transmission and message authentication. Specifically, the sender Alice first transmits message $M$ to the receiver Bob over $(W_1,W_2)$ with an error correction code; then Alice employs a hash function (i.e., $\varepsilon$-AWU$_2$ hash functions) to generate a message tag $S$ of message $M$ using key $K$, and encodes $S$ to a codeword $X^n$ by leveraging an existing strongly secure channel coding with exponentially small (in code length $n$) average probability of error; finally, Alice sends $X^n$ over $(W_1,W_2)$ to Bob who authenticates the received messages. We develop a theorem regarding the requirements/conditions for the authentication framework to be information-theoretic secure for authenticating a polynomial number of messages in terms of $n$. Based on this theorem, we propose an authentication protocol that can guarantee the security requirements, and prove its authentication rate can approach infinity when $n$ goes to infinity. Furthermore, we design and implement an efficient and feasible authentication protocol over binary symmetric wiretap channel (BSWC) by using \emph{Linear Feedback Shifting Register} based (LFSR-based) hash functions and strong secure polar code. Through extensive experiments, it is demonstrated that the proposed protocol can achieve low time cost, high authentication rate, and low authentication error rate.

Peng Zhang,Yixin Jiang,Chuang Lin,Hongyi Yao,Albert Wasef,Xuemin Shen

DOI: https://doi.org/10.1109/INFCOM.2011.5934876

2011-01-01

Abstract:Network coding provides a promising alternative to traditional store-and-forward transmission paradigm. However, due to its information-mixing nature, network coding is notoriously susceptible to pollution attacks: a single polluted packet can end up corrupting bunches of good ones. Existing authentication mechanisms either incur high computation/bandwidth overheads, or cannot resist the tag pollution proposed recently. This paper presents a novel idea termed “padding for orthogonality” for network coding authentication. Inspired by it, we design a public-key based signature scheme and a symmetric-key based MAC scheme, which can both effectively contain pollution attacks at forwarders. In particular, we combine them to propose a unified scheme termed MacSig, the first hybrid-key cryptographic approach to network coding authentication. It can thwart both normal pollution and tag pollution attacks in an efficient way. Simulative results show that our MacSig scheme has a low bandwidth overhead, and a verification process 2-4 times faster than typical signature-based solutions in some circumstances.

Xiaolin Zhang,Dawu Gu

DOI: https://doi.org/10.1360/ssi-2021-0261

2021-01-01

Scientia Sinica Informationis

Abstract:Message authentication code (MAC), widely used in all kinds of information systems, is a symmetric cryptographic algorithm that checks message integrity and source authenticity. However, when the devices running MAC face physical invasion, the attacker can extract the keys inside and generate valid tags by directly reading the memory or adjusting the circuits. In this paper, we propose PUF-MAC, a new MAC algorithm based on the physically unclonable function (PUF), which is constructed from the hash function and PUF. The PUF is a kind of data mapping entity with unclonable internal structures and unpredictable outputs. The difference between mappings preserved by PUF entities originates from minor variations in the physical environment during production. The communicating parties can apply the PUF to form the shared secret key. Under the standard security model, this paper inductively proves that PUF-MAC satisfies the existential unforgeability under a chosen message attack, and the EUF-CMA security of PUF-MAC relies on the (weak) collision resistance of hash and the EUF-CMA security of PUF. Additionally, this paper recasts PUF-MAC into a key agreement protocol with forward/backward security, along with a bilateral authentication protocol by which its practicability is indicated. A comparison with other MAC reveals that PUF-MAC is indeed lightweight and easy to deploy, and PUF-MAC requires no pre-established PUF responses. The involvement of the PUF allows an attacker to forge a valid tag even after retrieving the key, thereby ensuring communication security.

Liqiao Qin,Hongxi Yin,Wei Liang,Ziyu Wang,Anshi Xu

DOI: https://doi.org/10.1007/s11107-007-0081-2

IF: 1.768

2008-01-01

Photonic Network Communications

Abstract:In this article, an M-code keying OCDMA system with parallel encoders/decoders is presented and its security performance is quantitatively analyzed. Under brute-force searching techniques, the formula about the average searching time is derived. The bit-correct-interception possibilities for tapping individual and multiple users’ signals are calculated, respectively. By analysis, it is shown that the security performance of an OCDMA system can be enhanced by employing M-code keying.

Peng Zhang,Chuang Lin

DOI: https://doi.org/10.1007/978-3-319-31083-1_3

2016-01-01

Abstract:As is introduced in Chap. 2, network coding is notoriously susceptible to pollution attacks: a single polluted packet can end up corrupting bunches of good ones. The mechanisms that we introduced previously either incur high computation/bandwidth overheads or cannot resist the tag pollution proposed recently. This chapter will present a novel idea termed padding for orthogonality for network coding authentication. Inspired by it, we design a public key-based signature scheme and a symmetric key-based MAC scheme, which can both effectively contain pollution attacks at forwarders. In particular, we combine them to propose a unified scheme termed MacSig, the first hybrid key cryptographic approach to network coding authentication. It can thwart both normal pollution and tag pollution attacks in an efficient way. Simulative results show that our MacSig scheme has a low bandwidth overhead and a verification process 2-4 times faster than typical signature-based solutions in some circumstances.

Ping Zhang,Hong-Gang Hu,Qian Yuan

DOI: https://doi.org/10.1155/2018/9715947

IF: 1.968

2018-01-01

Security and Communication Networks

Abstract:The Galois/Counter Mode of operation (GCM) is a widely used nonce-based authenticated encryption with associated data mode which provides the birthday-bound security in the nonce-respecting scenario; that is, it is secure up to about 2(n/2) adversarial queries if all nonces used in the encryption oracle are never repeated, where n is the block size. It is an open problem to analyze whether GCM security can be improved by using some simple operations. This paper presents a positive response for this problem. Firstly, we introduce two close to optimally secure pseudorandomfunctions and derive their security bound by the hybrid technique. Then, we utilize these pseudorandomfunctions that we design and a universal hash function to construct two improved versions of GCM, called OGCM-1 and OGCM-2. OGCM-1 and OGCM-2 are, respectively, provably secure up to approximately 2(n)/67(n-1)(2) and 2(n)/67 adversarial queries in the nonce-respecting scenario if the underlying block cipher is a secure pseudorandom permutation. Finally, we discuss the properties of OGCM-1 and OGCM-2 and describe the future works.

Chunhua Chen,Chris J. Mitchell,Shaohua Tang

DOI: https://doi.org/10.1007/s11036-011-0329-z

2011-01-01

Mobile Networks and Applications

Abstract:The Generic Authentication Architecture (GAA) is a standardised extension to the mobile authentication infrastructure that enables the provision of security services, such as key establishment, to network applications. In this paper we first show how Trusted Computing can be extended in a GAA-like framework to offer new security services. We then propose a general scheme that converts a simple static password authentication mechanism into a one-time password (OTP) system using the GAA key establishment service. The scheme employs a GAA-enabled user device and a GAA-aware server. Most importantly, unlike most OTP systems using a dedicated key-bearing token, the user device does not need to be user or server specific, and can be used in the protocol with no registration or configuration (except for the installation of the necessary application software). We also give two practical instantiations of the general scheme, building firstly on the mobile authentication infrastructure and secondly on Trusted Computing. The practical systems are secure, scalable, fit well to the multi-institution scenario, and enable the provision of ubiquitous and on-demand OTP services.

Uwe Starossek

DOI: https://doi.org/10.48550/arXiv.1608.05613

2016-08-18

Cryptography and Security

Abstract:A process for the secure transmission of data is presented that has to a certain degree the advantages of the one-time pad (OTP) cipher, that is, simplicity, speed, and information-theoretically security, but overcomes its fundamental weakness, the necessity of securely exchanging a key that is as long as the message. For each transmission, a dedicated one-time pad is generated for encrypting and decrypting the plaintext message. This one-time pad is built from a randomly chosen set of basic keys taken from a public library. Because the basic keys can be chosen and used multiple times, the method is called multiple-time pad (MTP) cipher. The information on the choice of basic keys is encoded in a short keyword that is transmitted by secure means. The process is made secure against known-plaintext attack by additional design elements. The process is particularly useful for high-speed transmission of mass data and video or audio streaming.

LUO Lan,QIN Zhi-Guang,WAN Guo-Gen,WEI Zheng-yao

DOI: https://doi.org/10.3969/j.issn.1001-0548.2009.04.029

2009-01-01

Abstract:The validity of the provable security of counter with cipher block chaining message authentication code (CCM) mode and cipher-based message authentication code (CMAC) mode was studied and proved. The illustrations of different communications' encryption have been developed. The security of the novel authentication operation mode is demonstrated with flowing chart. The standardized operation modes of block cipher are proved to be safe in various environments. The proposed procedure is also applicable to Galois/counter mode (GCM) operation mode published in July, 2007. The provable security is a necessary process for a new mode of block cipher.

Dajiang Chen,Ning Zhang,Nan Cheng,Kuan Zhang,Zhiguang Qin,Xuemin Shen

DOI: https://doi.org/10.1109/tdsc.2018.2846258

2018-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:In this paper, we investigate physical (PHY) layer message authentication to combat adversaries with infinite computational capacity. Specifically, a PHY-layer authentication framework over a wiretap channel (W-1, W-2) is proposed to achieve informationtheoretic security with the same key. We develop a theorem to reveal the requirements/conditions for the authentication framework to be information-theoretic secure for authenticating a polynomial number of messages in terms of n. Based on this theorem, we design an authentication protocol that can guarantee the security requirements, and prove its authentication rate can approach infinity when n goes to infinity. Furthermore, we design and implement a feasible and efficient message authentication protocol over binary symmetric wiretap channel (BSWC) by using Linear Feedback Shifting Registerbased (LFSR-based) hash functions and strong secure polar code. Through extensive simulations, it is demonstrated that the proposed protocol can achieve high authentication rate, with low time cost and authentication error rate.

Sahar Shahbaz,Bahareh Akhbari,Reza Asvadi

DOI: https://doi.org/10.48550/arXiv.1801.04420

2018-01-18

Abstract:We study the problem of two-user Gaussian multiple access channel (GMAC) in the presence of an external eavesdropper. In this problem, an eavesdropper receives a signal with a lower signal-to-noise ratio (SNR) compared to the legitimate receiver and all transmitted messages should be kept confidential against the eavesdropper. For this purpose, we propose a secure coding scheme on this channel which utilizes low-density parity-check (LDPC) codes by employing random bit insertion and puncturing techniques. At each encoder, the confidential message with some random bits as a random message are systematically encoded, and then the associated bits to the confidential message are punctured. Next, the encoders send their unpunctured bits over a Gaussian multiple access wiretap channel (GMAC-WT). The puncturing distribution applied to the LDPC code is considered in two cases: random and optimized. We utilize a modified extrinsic information transfer (EXIT) chart analysis to optimize the puncturing distribution for each encoder. The security gap is used as a measure of secrecy for the sent messages over GMAC-WT which should be made as small as possible. We compare the achieved secure rate pair with an achievable secrecy rate region of GMAC-WT to show the effective performance of the proposed scheme. In this paper, equal and unequal power conditions at the transmitters are investigated. For both cases, we attain a fairly small security gap which is equivalent to achieve the points near the secrecy rate region of GMAC-WT.

Information Theory

Lawrence Tandoh,Li Fagen,Ali Ikram,Haruna Charles R.,Kpiebaareh Michael Y.,Christopher Tandoh

DOI: https://doi.org/10.1007/s11235-021-00842-6

2021-01-01

Telecommunication Systems

Abstract:One of the major security threats that plague network coding are pollution attacks. Therefore, the ability to authenticate the contents of received packets is a vital requirement of all network coding authentication schemes. One of the most famous cryptographic approaches used to mitigate data and tag pollution in network coding are homomorphic message authentication codes (HMACS). In this approach, authentication is achieved by appending one or more HMAC tag vectors and in some cases a homomorphic cryptographic signature to the packet payload. Two major concerns arise when designing authentication schemes for network coding. These are the costs associated with the communication and computational overheads. These two factors determine the efficiency and practicality of the scheme. Unfortunately, in most cases, lowering one of the costs results in an increase in the other. In this paper we propose an efficient data and tag pollution immune authentication scheme based on HMACs and a homomorphic cryptographic signature. In our evaluation of the performance of the proposed scheme we compared it with three other similar state of the art schemes. The result of our evaluation showed that the proposed scheme incurs a computational overhead that is up to 64–97% lower at the source and non-source nodes. The proposed scheme also fairs well with respect to communication overhead where it is only outperformed by one of the three schemes. This difference however is minute (one symbol) and is greatly outweighed by the proposed schemes lower computational overhead.

Guomin Yang,Duncan S. Wong,Xiaotie Deng

DOI: https://doi.org/10.1007/11496137_23

2005-01-01

Abstract:The Canetti-Krawczyk (CK) model uses resuable modular components to construct indistinguishability-based key exchange protocols. The reusability of modular protocol components makes it easier to construct and prove new protocols when compared with other provably secure approaches. In this paper, we build an efficient anonymous and authenticated key exchange protocol for roaming by using the modular approach under the CK-model. Our protocol requires only four message flows and uses only standard cryptographic primitives. We also propose a one-pass counter based MT-authenticator and show its security under the assumption that there exists a MAC which is secure against chosen message attack.