Unformatted text preview: NSI X9.19 [56], ISO 87311 [759], ISO 9797 [763], and an Australian standard [1496]. Differential cryptanalysis can break this scheme with reducedround DES or FEAL as the underlying block algorithms [1197]. The potential security problem with this method is that the receiver must have the key, and that key allows him to generate messages with the same hash value as a given message by decrypting in the reverse direction. Message Authenticator Algorithm (MAA)
This algorithm is an ISO standard [760]. It produces a 32bit hash, and was designed for mainframe computers with a fast multiply instruction [428]. v = v <<< 1 e=v•w x = ((((e + y ) mod 232) ¦ A¥ C) * (x • Mi)) mod 232  1 y = ((((e + x) mod 232) ¦ B¥ D) * (y • Mi)) mod 232  2 Iterate these for each message block, Mi, and the resultant hash is the XOR of x and y. The variables v and e are determined from the key. A, B, C, and D are constants. This algorithm is probably in wide use, but I can’t believe it is all that secure. It was designed a long time ago, and isn’t very complicated. Previous Table of Contents Next Products  Contact Us  About Us  Privacy  Ad Info  Home Use of this site is subject to certain Terms & Conditions, Copyright © 19962000 EarthWeb Inc. All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement. To access the contents, click the chapter and section titles. Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)
Go!
Keyword
Brief Full Advanced Search Search Tips (Publisher: John Wiley & Sons, Inc.) Author(s): Bruce Schneier ISBN: 0471128457 Publication Date: 01/01/96 Search this book:
Go! Previous Table of Contents Next
 Bidirectional MAC
This MAC produces a hash value twice the length of the block algorithm [978]. First, compute the CBCMAC of the message. Then, compute the CBCMAC of the message with the blocks in reverse order. The bidirectional MAC value is simply the concatenation of the two. Unfortunately, this construction is insecure [1097]. Jue...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details