Title: A security analysis of the Message Authenticator Algorithm (MAA)
Authors: Preneel, Bart ×
Rijmen, Vincent
van Oorschot, Paul #
Issue Date: 1997
Publisher: Associazione elettrotecnica ed elettronica italiana
Series Title: European Transactions on Telecommunications and Related Technologies vol:8 issue:5 pages:455-470
Abstract: The security of the ISO banking standard Message Authenticator Algorithm (ISO 8731-2), also known as MAA, is considered. The attacks presented herein, which exploit the internal structure of the algorithm, are the first computationally feasible attacks on MAA. First a MAC forgery attack is presented that requires 2(17) messages of 256 kbytes or 2(24) messages of 1 kbyte; the latter circumvents the special MAA mode for long messages defined in the standard. Next a key recovery attack on MAA is described which requires 2(32) chosen texts consisting of a single message block. The number of off-line multiplications for this attack varies between 2(44) for one key in 1000 to about 2(51) for one key in 50. This should be compared to about 3 . 2(65) multiplications for an exhaustive key search. Finally it is shown that MAA has 2(33) keys for which it is rather easy to create a large cluster of collisions. These keys can be detected and recovered with 2(27) chosen texts. From these attacks follows the identification of several classes of weak keys for MAA.
ISSN: 1120-3862
Publication status: published
KU Leuven publication type: IT
Appears in Collections:ESAT - STADIUS, Stadius Centre for Dynamical Systems, Signal Processing and Data Analytics
× corresponding author
# (joint) last author

Files in This Item:

There are no files associated with this item.

Request a copy


All items in Lirias are protected by copyright, with all rights reserved.

© Web of science