Decorrelation over infinite domains: the encrypted CBC-MAC case
Decorrelation theory has recently been proposed in order to address the security of block ciphers and other cryptographic primitives over a finite domain. We show here how to extend it to infinite domains, which can be used in the message authentication code (MAC) case. Bellare et al. (1994) proved that CBC-MAC is secure when the input length is fixed. This was extended by Petrank and Rackoff (1997) to a variable input length. We prove a result similar to that of Petrank and Rackoff by using decorrelation theory. This leads to a slightly improved result and a more compact proof. This result is meant to be a general proving technique for security, which can be compared to the approach announced by Maurer (CRYPTO'99).