Abstract
Gemmell and Naor proposed a new protocol for the authentication of long messages which was based on block codes and which used a transmission channel k times. This multiround authentication makes it possible to limit the key size independently of the message length. We propose a new attack and show that the probability analysis made by Gemmell and Naor, which was only based on the minimum distance property of the codes, does not hold for our attack. Considering also the impersonation attack we conclude that the number of rounds have to be odd.
Original language | English |
---|---|
Title of host publication | CRYPTO '94 |
Editors | Yvo Desmedt |
Place of Publication | Berlin, Heidelberg |
Publisher | Springer |
Pages | 121-128 |
Number of pages | 7 |
Volume | 839 |
Edition | IACR |
ISBN (Electronic) | 978-3-540-48658-9 |
ISBN (Print) | 978-3-540-58333-2 |
DOIs | |
Publication status | Published - 1994 Aug 21 |
Event | 14th annual cryptographic conference CRYPTO '94 - California, Santa Barbara, United States Duration: 1994 Aug 21 → 1994 Aug 25 Conference number: 14 |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer |
Volume | 839 |
Conference
Conference | 14th annual cryptographic conference CRYPTO '94 |
---|---|
Abbreviated title | CRYPTO '94 |
Country/Territory | United States |
City | Santa Barbara |
Period | 1994/08/21 → 1994/08/25 |
Subject classification (UKÄ)
- Other Electrical Engineering, Electronic Engineering, Information Engineering
Free keywords
- Hash functions
- Block code
- Impersonation attack
- Message length