On Computationally Secure Authentication Tags Requiring Short Secret Shared Keys

Brassard, Gilles

doi:10.1007/978-1-4757-0602-4_7

Gilles Brassard³

711 Accesses
38 Citations

Abstract

As an application of strongly universal-2 classes of hash functions, Wegman and Carter have proposed a provably secure authentication tag system.¹ Their technique allows the receiver to be certain that a message is genuine. An enemy, even one with infinite computing power, cannot forge or modify a message without detection. Moreover, there are no messages that just happen to be easy to forge. Unfortunately, their scheme requires that the sender and the receiver share a rather long secret key if they wish to use the system more than once. Indeed, the length of the key is essentially n log(1/p), where n is the number of messages they wish to be able to authenticate before having to agree on a new secret key, and p is the probability of undetected forgery they are willing to tolerate. Since they also proved that n log(1/p) is a lower bound on the number of bits required by any tag system that assures security against infinite computing power, it is clearly necessary to resort to computational complexity if we wish to have a scheme usable in practice allowing a potentially very large number of messages to be authenticated.

Supported in part by Canada’s NSERC grant number A4107.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

M.N. Wegman and J.L. Carter, New Hash Functions and Their Use in Authentication and set Equality, JCSS, 22: 265 (1981).
Google Scholar
W. Diffie and M.E. Hellman, New Directions in Cryptography, IEEE Trans. Info. Th., IT-22: 644 (1976).
Google Scholar
R.L. Rivest, A. Shamir and L. Adleman, On Digital Signature and Public-Key Cryptosystems, CACM, 21: 120 (1978).
Google Scholar
A. Shamir, A Polynomial-Time Algorithm for Breaking the Basic Merkle-Hellman Cryptosystem, in: “Proc. of 23rd FOCS Symposium, Chicago,” IEEE, New York (1982).
Google Scholar
L. Adleman, On Breaking the Iterated Knapsack Public-Key Cryptosystem, presented at: “AMS Workshop on Probabilistic Computational Com- plexity, Durham,” A. Meyer, chair. (1982).
Google Scholar
R. Merkle and M.E. Hellman, Hiding Information and Receipts in Trap-Door Knapsacks, IEEE Trans. Info. th., IT-24: 525 (1978).
Google Scholar
M.O. Rabin, Digitalized Signatures and Public-Key Functions as Intractable as Factorization, MIT/LCS/TR-212 (1979).
Google Scholar
S. Goldwasser and S. Micali, Probabilistic Encryption How to Play Mental Poker Keeping Secret all Partial Information, in: “Proc. of 14th STOC Symposium, San Francisco,” ACM, New York (1982).
Google Scholar
S. Goldwasser, S. Micali and A. Yao, On Authentication, Digital Signatures and Contracts in Presence of Meddler, in: “Advances in Cryptography: Proceedings of CRYPTO 82,” R. Rivest, ed., Plenum Press, New York (1983).
Google Scholar
National Bureau of Standards, Federal Information Processing Standards Publication no. 46.
Google Scholar
M. Blum and S. Micali, How to Generate Cryptographically Strong Sequences of Pseudo Random Bits, in: “Proc. of 23rd FOCS Symposium, Chicago,” IEEE, New York (1982).
Google Scholar
A. Yao, Theory and Application of Trapdoor Functions, in: “Proc. of 23rd FOCS Symposium, Chicago,” IEEE, New York (1982).
Google Scholar
R.R. Coveyou and R.D. MacPherson, Fourier Analysis of Uniform Random Number Generators, JACM, 14: 100 (1967).
Google Scholar
G.B. Kolata, New Codes Coming into Use, Science Magazine, 208: 694 (1980).
CAS Google Scholar
C.H. Bennett, G. Brassard, S. Breidbart and S. Weisner, Quantum Cryptography, or Unforgeable Subway Tokens, in: “Advances in Cryptography: Proceedings of CRYPTO 82,” R. Rivest, ed., Plenum Press, New York (1983).
Google Scholar
L. Blum, M. Blum and M. Shub, A Simple Secure Pseudo-Random Number Generator, in: “Advances in Cryptography: Proceedings of CRYPTO 82,” R. Rivest, ed., Plenum Press, New York (1983).
Google Scholar
S. Goldwasser, S. Miceli and P. Tong, How to Establish a Private Code on a Public Network, in: “Proc. of 23rd FOCS Symposium, Chicago,” IEEE, New York (1982).
Google Scholar

Download references

Author information

Authors and Affiliations

Département d’informatique et de recherche opérationnelle, Université de Montréal, C.P. 6128, Succursale “A”, Montréal, Québec, H3C 3J7, Canada
Gilles Brassard

Authors

Gilles Brassard
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

University of California, Santa Barbara, California, USA
David Chaum
Massachusetts Institute of Technology, Cambridge, Massachusetts, USA
Ronald L. Rivest & Alan T. Sherman &

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Brassard, G. (1983). On Computationally Secure Authentication Tags Requiring Short Secret Shared Keys. In: Chaum, D., Rivest, R.L., Sherman, A.T. (eds) Advances in Cryptology. Springer, Boston, MA. https://doi.org/10.1007/978-1-4757-0602-4_7

Download citation

DOI: https://doi.org/10.1007/978-1-4757-0602-4_7
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-0604-8
Online ISBN: 978-1-4757-0602-4
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics