@inproceedings{f6a353a25e6f4d64b8135e81f3c21f3c,
title = "Key recovery attacks on the RMAC, TMAC, and IACBC",
abstract = "The RMAC [6] is a variant of CBC-MAC, which resists birthday attacks and gives provably full security. The RMAC uses 2k-bit keys and the size of the RMAC is 2n, where n is the size of underlying block cipher. The TMAC [10] is the improved MAC scheme of XCBC [4] such that it requires (k +n)-bit keys while the XCBC requires (k +2n)-bit keys. In this paper, we introduce trivial key recovery attack on the RMAC with about 2n computations, which is more realistic than the attacks in [9]. Also we give a new attack on the TMAC using about 2n/2+1 texts, which can recover an (k + n)-bit key. However this attack can not be applied to the XCBC. Furthermore we analyzed the IACBC mode [8], which gives confidentiality and message integrity.",
keywords = "CBC-MAC, IACBC, Key recovery attacks, Message authentication codes, Modes of operation, RMAC, TMAC, XCBC",
author = "Jaechul Sung and Deukjo Hong and Sangjin Lee",
note = "Publisher Copyright: {\textcopyright} Springer-Verlag Berlin Heidelberg 2003.; 8th Australasian Conference on Information Security and Privacy, ACISP 2003 ; Conference date: 09-07-2003 Through 11-07-2003",
year = "2003",
doi = "10.1007/3-540-45067-X\_23",
language = "English",
isbn = "3540405151",
series = "Lecture Notes in Computer Science",
publisher = "Springer Verlag",
pages = "265--273",
editor = "Rei Safavi-Naini and Jennifer Seberry",
booktitle = "Information Security and Privacy - 8th Australasian Conference, ACISP 2003, Proceedings",
address = "Germany",
}