3.12 In this problem,we demonstrate that for CMAC,a variant that XORs the second key after app - Solutions Network Security Essentials

3.12 In this problem,we demonstrate that for CMAC,a variant that XORs the second key after applying the final encryption doesn't work. Let us consider this for the case of the message being an integer multiple of the block size.Then the variant can be expressed as VMAC(K,M) CBC(K,M) K1. Now suppose an adversary is able to ask for the MACs of three messages:the message 0 0n,where n is the cipher block size;the message 1 1n;and the message 170.As a result of these three queries,the adversary gets T0 CBC(K, 0) K1; T1 CBC(K, 1) K1 and T2 CBC(K, [CBC(K, 1)]) K1. Show that the adversary can compute the correct MAC for the (unquerie d) message 07(T0 T1).


View solution: $5 USD. View Solution



<< Back	Next >>

Solupals - Textbook Solutions Solutions Network Security Essentials - Stallings 4th ed