Knudsen, Lars R and Mitchell, Chris J (2003) Analysis of 3gpp-MAC and two-key 3gpp-MAC. Discrete Applied Mathematics, 128 (1).
Full text access: Open
Forgery and key-recovery attacks are described on the 3gpp-MAC scheme, proposed for inclusion in the 3gpp specification. Three main classes of attack are given, all of which operate whether or not truncation is applied to the MAC value. Attacks in the first class use a large number of ‘chosen MACs’, those in the second class use a large number of ‘known MACs’, and those in the third class require a large number of MAC verifications, but very few known MACs and no chosen MACs. The first class yields both forgery and key-recovery attacks, whereas the second and third classes are key-recovery attacks only. Both single-key and two-key variants of 3gpp-MAC are considered; the forgery attacks are relevant to both variants, whereas the key-recovery attacks are only relevant to the two-key variant.
This is a Submitted version This version's date is: 5/2003 This item is not peer reviewed
https://repository.royalholloway.ac.uk/items/3041da53-805c-d319-b860-357471a66aa3/10/
Deposited by Research Information System (atira) on 18-Nov-2014 in Royal Holloway Research Online.Last modified on 18-Nov-2014
This is the Preprint version of the paper submitted to Elsevier Science to appear in 'Discrete Applied Mathematics', 128(1), May 2003. Copyright 2003 Elsevier Science B.V., Amsterdam.