This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Authenticating Multicast Internet Electronic Mail Messages Using a Bidirectional MAC is Insecure
April 1992 (vol. 41 no. 4)
pp. 505-507

The 1988 version of the message encryption and authentication procedures for Internet electronic mail makes use of bidirectional MAC (BMAC). When used for multicast electronic mail it is important that this BMAC act as a one-way function. It is shown that it is not a one-way function, which means that the BMAC technique should not be used for authenticating multicast messages.

[1] ANSI X3.92-1981,Data encryption algorithm, American National Standards Institute (New York), 1981.
[2] ANSI X3.106-1983, American National Standard for Information Systems--Data Encryption Algorithm--Modes of Operation, American National Standards Institute, New York, 1983.
[3] ANSI X9.9, Financial Institution Message Authentication (wholesale), American Bankers Association, Washington, DC, Aug. 1986.
[4] ANSI X9.19, Financial Institution Retail Message Authentication, American Bankers Association, Washington, DC.
[5] D. W. Davies and W. L. Price,Security for Computer Networks, Chichester, UK: Wiley, 1984.
[6] FIPS PUB 46, Data Encryption Standard, Federal Information Processing Standards Publication 46, National Bureau of Standards, U.S. Dep. of Commerce, Washington, DC, Jan. 1977.
[7] FIPS PUB 81, DES Modes of Operation, Federal Information Processing Standards Publication 81, National Bureau of Standards, U.S. Dept. of Commerce, Washington, DC, Dec. 1980.
[8] ISO 8372, Information Processing--Modes of Operation for a 64-bit Block Cipher Algorithm, International Organization for Standardization, 1987.
[9] S. T. Kent and J. Linn, "Privacy enhancement for Internet Electronic Mail: Part II-Certificate-based key management [Draft],"Request for Comments 1114 (RFC 1114), IAB Internet Privacy Task Force, Aug. 1989.
[10] J. Linn, "Privacy enhancement for Internet Electronic Mail: Part I--Message encipherment and authentication procedures,"Request for Comments 989 (RFC 989), IAB Internet Privacy Task Force, Feb. 1987.
[11] J. Linn, "Privacy enhancement for Internet Electronic Mail: Part I--Message encipherment and authentication procedures,"Request for Comments 1040 (RFC 1040), IAB Internet Privacy Task Force, Jan. 1988.
[12] J. Linn, "Privacy enhancement for Internet Electronic Mail: Part I--Message encipherment and authentication procedures [Draft],"Request for Comments 1113 (RFC 1113), IAB Internet Privacy Task Force, Aug. 1989.
[13] J. Linn, "Privacy enhancement for Internet Electronic Mail: Part III--Algorithms, modes and identifiers [Draft],"Request for Comments 1115 (RFC 1115), IAB Internet Privacy Task Force, Aug. 1989.
[14] R. C. Merkle, "One way hash functions and DES," preprint (Xerox PARC), 1989.
[15] C. J. Mitchell, "Multi-destination secure electronic mail,"Comput. J., vol. 32, pp. 13-15, 1989.
[16] C. J. Mitchell and M. Walker, "Solutions to the multidestination secure electronic mail problem,"Comput. and Security, vol. 7, pp. 483-488, 1988.
[17] R. S. Winternitz, "Producing a one-way hash function from DES," inAdvances in Cryptology: Proc. Crypto 83. New York: Plenum, 1984, pp. 203-207.
[18] R. S. Winternitz, "A secure one-way hash function built from DES," inProc. 1984 IEEE Sympo. Security and Privacy, IEEE, 1984, pp. 88-90.

Index Terms:
message encryption; authentication; Internet electronic mail; bidirectional MAC; multicast electronic mail; cryptography; electronic mail.
Citation:
C.J. Mitchell, "Authenticating Multicast Internet Electronic Mail Messages Using a Bidirectional MAC is Insecure," IEEE Transactions on Computers, vol. 41, no. 4, pp. 505-507, April 1992, doi:10.1109/12.135563
Usage of this product signifies your acceptance of the Terms of Use.