International Association for Cryptologic Research


IACR Local Search

Key-recovery attacks against the MAC algorithm Chaskey
Chrysanthi Mavromati
Chaskey is a Message Authentication Code (MAC) for 32-bit microcontrollers proposed by Mouha et al. at SAC 2014. Its underlying blockcipher uses an Even-Mansour construction with a permutation based on the ARX methodology. In...
received 14 Aug 2015
Chaskey: a MAC Algorithm for Microcontrollers -- Status Update and Proposal of Chaskey-12 --
Nicky Mouha
The Chaskey MAC algorithm was presented by Mouha et al. at SAC 2014. It is designed for real-world applications where 128-bit keys are required, but standard cryptographic algorithms cannot be implemented because of stringent...
last revised 10 Dec 2015
Chaskey: An Efficient MAC Algorithm for 32-bit Microcontrollers
Nicky Mouha, Bart Mennink, Anthony Van Herrewege, Dai Watanabe, Bart Preneel, Ingrid Verbauwhede
We propose Chaskey: a very efficient Message Authentication Code (MAC) algorithm for 32-bit microcontrollers. It is intended for applications that require 128-bit security, yet cannot implement standard MAC algorithms because...
last revised 20 Mar 2015
Key Recovery and Forgery Attacks on the MacDES MAC Algorithm
Don Coppersmith, Lars R. Knudsen, Chris J. Mitchell
Crypto 2000
Key-Recovery Attacks on Universal Hash Function Based MAC Algorithms
Helena Handschuh, Bart Preneel
Crypto 2008
Improved Differential-Linear Cryptanalysis of 7-round Chaskey with Partitioning
Gaëtan Leurent
In this work we study the security of Chaskey, a recent lightweight MAC designed by Mouha et al., currently being considered for standardisation by ISO/IEC and ITU-T. Chaskey uses an ARX structure very similar to SipHash. We...
last revised 22 Feb 2016
Equivalent Key Recovery Attacks against HMAC and NMAC with Whirlpool Reduced to 7 Rounds
Jian Guo, Yu Sasaki, Lei Wang, Meiqin Wang, Long Wen
A main contribution of this paper is an improved analysis against HMAC instantiating with reduced Whirlpool. It recovers equivalent keys, which are often denoted as Kin and Kout, of HMAC with 7-round Whirlpool, while the...
received 2 Feb 2015
Practical Key Recovery Attack against Secret-prefix Edon-R
Gaëtan Leurent
Edon-R is one of the fastest SHA-3 candidates. In this paper we study the security of Edon-R, and we show that using Edon-R as a MAC with the secret prefix construction is unsafe. We present a practical attack in the case of...
last revised 3 Jun 2009
New Generic Attacks Against Hash-based MACs
Gaëtan Leurent, Thomas Peyrin, Lei Wang
In this paper we study the security of hash-based MAC algorithms (such as HMAC and NMAC) above the birthday bound. Up to the birthday bound, HMAC and NMAC are proven to be secure under reasonable assumptions on the hash...
received 31 May 2014
Universal Forgery and Key Recovery Attacks on ELmD Authenticated Encryption Algorithm
Asli Bay, Oguzhan Ersoy, Ferhat Karakoç
In this paper, we provide a security analysis of ELmD: a block cipher based Encrypt-Linear-mix-Decrypt authentication mode. As one of the second-round CAESAR candidates, it is claimed to provide misuse resistance against...
last revised 20 Jun 2016
Collision Attacks against CAESAR Candidates -- Forgery and Key-Recovery against AEZ and Marble
Thomas Fuhr, Gaëtan Leurent, Valentin Suder
In this paper we study authenticated encryption algorithms inspired by the OCB mode (Offset Codebook). These algorithms use secret offsets (masks derived from a whitening key) to turn a block cipher into a tweakable block...
received 14 Dec 2015
Is AEZ v4.1 Sufficiently Resilient Against Key-Recovery Attacks?
Colin Chaigneau, Henri Gilbert
Tosc 2016
AEZ is a parallelizable, AES-based authenticated encryption algorithm that is well suited for software implementations on processors equipped with the AES-NI instruction set. It aims at offering exceptionally strong security...
Is AEZ v4.1 Sufficiently Resilient Against Key-Recovery Attacks?
Colin Chaigneau, Henri Gilbert
AEZ is a parallelizable, AES-based authenticated encryption algorithm that is well suited for software implementations on processors equipped with the AES-NI instruction set. It aims at offering exceptionally strong security...
last revised 30 Aug 2016
Multi-user Collisions: Applications to Discrete Logarithm, Even-Mansour and PRINCE
Pierre-Alain Fouque, Antoine Joux, Chrysanthi Mavromati
Asiacrypt 2014
Improved Conditional Cube Attacks on Keccak Keyed Modes with MILP Method
Zheng Li, Wenquan Bi, Xiaoyang Dong, Xiaoyun Wang
Conditional cube attack is an efficient key-recovery attack on Keccak keyed modes proposed by Huang et al. at EUROCRYPT 2017. By assigning bit conditions, the diffusion of a conditional cube variable is reduced. Then, using a...
last revised 28 Aug 2017
Cryptanalysis against Symmetric-Key Schemes with Online Classical Queries and Offline Quantum Computations
Akinori Hosoyamada, Yu Sasaki
In this paper, quantum attacks against symmetric-key schemes are presented in which adversaries only make classical queries but use quantum computers for offline computations. Our attacks are not as efficient as...
last revised 8 Jan 2018
Distinguishing Attacks on MAC/HMAC Based on A New Dedicated Compression Function Framework
Zheng Yuan, Xiaoqiu Ren
A new distinguishing attack on HMAC and NMAC based on a dedicated compression function framework H, proposed in ChinaCrypt2008, is first presented in this paper, which distinguishes the HMAC/NMAC-H from HMAC/NMAC with a random...
last revised 8 Apr 2012
Quantum Key-Recovery on full AEZ
Xavier Bonnetain
AEZ is an authenticated encryption algorithm, submitted to the CAESAR competition. It has been selected for the third round of the competition. While some classical analyses of the algorithm have been published, the cost of...
received 8 Aug 2017
A Block Cipher based PRNG Secure Against Side-Channel Key Recovery
Christophe Petit, Francois-Xavier Standaert, Olivier Pereira, Tal G. Malkin, Moti Yung
We study the security of a block cipher-based pseudorandom number generator, both in the black box world and in the physical world, separately. We first show that the construction is a secure PRNG in the ideal cipher model....
last revised 2 Jan 2008