[{"volume":4052,"dini_type":"doc-type:conferenceObject","date_updated":"2021-01-12T07:41:52Z","date_created":"2018-12-11T12:02:04Z","author":[{"last_name":"Pietrzak","first_name":"Krzysztof Z","orcid":"0000-0002-9139-1654","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87"}],"intvolume":" 4052","publication_status":"published","status":"public","_id":"3216","acknowledgement":"Part of this work is supported by the Commission of the European Communities through the IST program under contract IST-2002-507932 ECRYPT.","extern":1,"publist_id":"3463","abstract":[{"lang":"eng"}],"alternative_title":[],"type":"conference","date_published":"2006-07-28T00:00:00Z","conference":{"name":"ICALP: Automata, Languages and Programming"},"page":"168 - 179","quality_controlled":0,"citation":{"ista":"Pietrzak KZ. 2006. A tight bound for EMAC. ICALP: Automata, Languages and Programming, LNCS, vol. 4052, 168–179.","ieee":"K. Z. Pietrzak, “A tight bound for EMAC,” presented at the ICALP: Automata, Languages and Programming, 2006, vol. 4052, pp. 168–179.","apa":"Pietrzak, K. Z. (2006). A tight bound for EMAC (Vol. 4052, pp. 168–179). Presented at the ICALP: Automata, Languages and Programming, Springer. https://doi.org/10.1007/11787006_15","mla":"Pietrzak, Krzysztof Z. A Tight Bound for EMAC. Vol. 4052, Springer, 2006, pp. 168–79, doi:10.1007/11787006_15.","short":"K.Z. Pietrzak, in:, Springer, 2006, pp. 168–179.","chicago":"Pietrzak, Krzysztof Z. “A Tight Bound for EMAC,” 4052:168–79. Springer, 2006. https://doi.org/10.1007/11787006_15."},"uri_base":"https://research-explorer.ista.ac.at","day":"28","month":"07","dc":{"creator":["Krzysztof Pietrzak"],"type":["info:eu-repo/semantics/conferenceObject","doc-type:conferenceObject","text","http://purl.org/coar/resource_type/c_5794"],"identifier":["https://research-explorer.ista.ac.at/record/3216"],"description":["We prove a new upper bound on the advantage of any adversary for distinguishing the encrypted CBC-MAC (EMAC) based on random permutations from a random function. Our proof uses techniques recently introduced in [BPR05], which again were inspired by [DGH + 04].\nThe bound we prove is tight — in the sense that it matches the advantage of known attacks up to a constant factor — for a wide range of the parameters: let n denote the block-size, q the number of queries the adversary is allowed to make and ℓ an upper bound on the length (i.e. number of blocks) of the messages, then for ℓ ≤ 2 n/8 and q≥ł2 the advantage is in the order of q 2/2 n (and in particular independent of ℓ). This improves on the previous bound of q 2ℓΘ(1/ln ln ℓ)/2 n from [BPR05] and matches the trivial attack (which thus is basically optimal) where one simply asks random queries until a collision is found."],"date":["2006"],"rights":["info:eu-repo/semantics/closedAccess"],"source":["Pietrzak KZ. A tight bound for EMAC. In: Vol 4052. Springer; 2006:168-179. doi:10.1007/11787006_15"],"relation":["info:eu-repo/semantics/altIdentifier/doi/10.1007/11787006_15"],"publisher":["Springer"],"title":["A tight bound for EMAC","LNCS"]}}]