Paper 2014/251

Forgery on Stateless CMCC

Guy Barwell

Abstract

We present attacks against CMCC that invalidate its claimed security for integrity protection and misuse resistance. We exploit the fact that zero-padding is used on both the message and the associated data, and demonstrate how one may generate a forgery with a single call to the encryption oracle. From this we calculate the ciphertext of the chosen message, yielding a forgery and so breaking INT-CTXT. In the nonce-reuse setting, the existence of a forgery leads directly to a 2-query distinguisher.
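The abstract's point is that zero-padding applied independently to the associated data and the message is not an injective encoding of the pair, so any integrity mechanism computed over the padded bytes cannot tell colliding pairs apart. The following Python, added here as an illustration and not taken from the paper or from the CMCC specification, shows two kinds of collision under a zero-padding scheme (trailing zero bytes absorbed into the padding, and bytes migrating between the associated-data field and the message field), and contrasts it with a length-prefixed encoding that keeps the pair recoverable. The 16-byte block size, the HMAC-SHA256 stand-in for the tagging function, the key and all inputs are constructed for this example and are not CMCC's actual parameters or algorithm.

```python
import hashlib
import hmac

# Constructed demonstration key; any integrity check over the encoding would show the same effect.
KEY = b"constructed-demo-key"
BLOCK = 16  # assumed block size for the illustration


def zero_pad(data: bytes, block: int = BLOCK) -> bytes:
    """Pad with 0x00 bytes up to a multiple of the block size; a no-op when already aligned."""
    rem = len(data) % block
    return data if rem == 0 else data + b"\x00" * (block - rem)


def encode_zero_pad(ad: bytes, msg: bytes) -> bytes:
    """Non-injective encoding: each field is zero-padded on its own and the results concatenated.
    Nothing records where the real data ends, or where AD stops and the message begins."""
    return zero_pad(ad) + zero_pad(msg)


def encode_length_prefixed(ad: bytes, msg: bytes) -> bytes:
    """Injective encoding: each field carries an explicit 8-byte big-endian length, so the
    (ad, msg) pair can be parsed back out unambiguously."""
    return len(ad).to_bytes(8, "big") + ad + len(msg).to_bytes(8, "big") + msg


def tag(encoded: bytes) -> bytes:
    """Stand-in integrity tag over the encoded input (HMAC here, not CMCC's construction)."""
    return hmac.new(KEY, encoded, hashlib.sha256).digest()


# Constructed (ad, msg) pairs. Each pair of pairs differs as data yet zero-pads identically:
#   - first: trailing NUL bytes on either field vanish into the padding;
#   - second: with an empty message the AD bytes are indistinguishable from a message of the same bytes.
CANDIDATE_PAIRS = [
    ((b"header", b"pay"), (b"header\x00", b"pay\x00\x00")),
    ((b"hdr", b""), (b"", b"hdr")),
]


def find_collisions(encode=encode_zero_pad):
    """Return the candidate pairs whose encodings coincide under the given encoder."""
    return [(a, b) for a, b in CANDIDATE_PAIRS if a != b and encode(*a) == encode(*b)]


def tags_collide(a, b, encode) -> bool:
    """True when two distinct (ad, msg) pairs receive the same tag, i.e. the check cannot separate them."""
    return a != b and tag(encode(*a)) == tag(encode(*b))


if __name__ == "__main__":
    print("zero-pad collisions:", find_collisions(encode_zero_pad))
    print("length-prefixed collisions:", find_collisions(encode_length_prefixed))
    for a, b in CANDIDATE_PAIRS:
        print(a, b, "same tag under zero-pad:", tags_collide(a, b, encode_zero_pad),
              "| under length-prefix:", tags_collide(a, b, encode_length_prefixed))
```

The defensive takeaway is the one the abstract implies: the bytes that an integrity mechanism is computed over must be an injective function of everything being authenticated, including field boundaries and true lengths; padding that merely fills a block is not that function.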

Note: Added author contact information to body of paper

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
CAESAR, cmcc, authenticated-encryption
Contact author(s)
guy barwell @ bristol ac uk
History
2014-04-22: revised
2014-04-20: received
Short URL
https://ia.cr/2014/251
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/251,
      author = {Guy Barwell},
      title = {Forgery on Stateless CMCC},
      howpublished = {Cryptology ePrint Archive, Paper 2014/251},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/251}},
      url = {https://eprint.iacr.org/2014/251}
}