{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T06:23:48Z","timestamp":1748672628920,"version":"3.40.3"},"publisher-location":"Cham","reference-count":37,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031757563"},{"type":"electronic","value":"9783031757570"}],"license":[{"start":{"date-parts":[[2024,10,17]],"date-time":"2024-10-17T00:00:00Z","timestamp":1729123200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,10,17]],"date-time":"2024-10-17T00:00:00Z","timestamp":1729123200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-75757-0_4","type":"book-chapter","created":{"date-parts":[[2024,10,22]],"date-time":"2024-10-22T11:03:12Z","timestamp":1729594992000},"page":"67-86","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Security Analysis of\u00a0CMAC in\u00a0the\u00a0Multi-user Model"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0002-7719-5638","authenticated-orcid":false,"given":"Xiangyang","family":"Zhang","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9549-4538","authenticated-orcid":false,"given":"Yaobin","family":"Shen","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2749-0930","authenticated-orcid":false,"given":"Lei","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,10,17]]},"reference":[{"key":"4_CR1","series-title":"Lecture Notes in Computer 
Science","doi-asserted-by":"publisher","first-page":"566","DOI":"10.1007\/978-3-662-49890-3_22","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"M Bellare","year":"2016","unstructured":"Bellare, M., Bernstein, D.J., Tessaro, S.: Hash-function based PRFs: AMAC and its multi-user security. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 566\u2013595. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49890-3_22"},{"key":"4_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1007\/3-540-45539-6_18","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Boldyreva, A., Micali, S.: Public-key encryption in a multi-user setting: security proofs and improvements. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 259\u2013274. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-45539-6_18"},{"issue":"3","key":"4_CR3","doi-asserted-by":"publisher","first-page":"362","DOI":"10.1006\/jcss.1999.1694","volume":"61","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Kilian, J., Rogaway, P.: The security of the cipher block chaining message authentication code. J. Comput. Syst. Sci. 61(3), 362\u2013399 (2000)","journal-title":"J. Comput. Syst. Sci."},{"key":"4_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"527","DOI":"10.1007\/11535218_32","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"M Bellare","year":"2005","unstructured":"Bellare, M., Pietrzak, K., Rogaway, P.: Improved security analyses for CBC\u00a0MACs. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 527\u2013545. Springer, Heidelberg (2005). 
https:\/\/doi.org\/10.1007\/11535218_32"},{"key":"4_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1007\/978-3-662-53018-4_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"M Bellare","year":"2016","unstructured":"Bellare, M., Tackmann, B.: The multi-user security of authenticated encryption: AES-GCM in TLS 1.3. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 247\u2013276. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_10"},{"issue":"3","key":"4_CR6","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1016\/S0020-0190(02)00269-7","volume":"84","author":"E Biham","year":"2002","unstructured":"Biham, E.: How to decrypt or even substitute des-encrypted messages in 2^28 steps. Inf. Process. Lett. 84(3), 117\u2013124 (2002)","journal-title":"Inf. Process. Lett."},{"key":"4_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1007\/3-540-44598-6_12","volume-title":"Advances in Cryptology \u2014 CRYPTO 2000","author":"J Black","year":"2000","unstructured":"Black, J., Rogaway, P.: CBC MACs for arbitrary-length messages: the three-key constructions. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 197\u2013215. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-44598-6_12"},{"issue":"2","key":"4_CR8","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/s00145-004-0016-3","volume":"18","author":"J Black","year":"2005","unstructured":"Black, J., Rogaway, P.: CBC macs for arbitrary-length messages: the three-key constructions. J. Cryptol. 18(2), 111\u2013131 (2005)","journal-title":"J. 
Cryptol."},{"key":"4_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"468","DOI":"10.1007\/978-3-319-78381-9_18","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"P Bose","year":"2018","unstructured":"Bose, P., Hoang, V.T., Tessaro, S.: Revisiting AES-GCM-SIV: multi-user security, faster key derivation, and better bounds. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10820, pp. 468\u2013499. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78381-9_18"},{"key":"4_CR10","doi-asserted-by":"crossref","unstructured":"Bosselaers, A., Preneel, B.: Integrity Primitives for Secure Information Systems: Final Ripe Report of Race Integrity Primitives Evaluation, vol.\u00a01007. Springer, Heidelberg (1995)","DOI":"10.1007\/3-540-60640-8"},{"key":"4_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/978-3-642-28496-0_18","volume-title":"Selected Areas in Cryptography","author":"S Chatterjee","year":"2012","unstructured":"Chatterjee, S., Menezes, A., Sarkar, P.: Another look at tightness. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 293\u2013319. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-28496-0_18"},{"key":"4_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1007\/978-3-642-55220-5_19","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"S Chen","year":"2014","unstructured":"Chen, S., Steinberger, J.: Tight security bounds for key-alternating ciphers. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 327\u2013350. Springer, Heidelberg (2014). 
https:\/\/doi.org\/10.1007\/978-3-642-55220-5_19"},{"issue":"3","key":"4_CR13","doi-asserted-by":"publisher","first-page":"36","DOI":"10.46586\/tosc.v2018.i3.36-92","volume":"2018","author":"N Datta","year":"2018","unstructured":"Datta, N., Dutta, A., Nandi, M., Paul, G.: Double-block hash-then-sum: a paradigm for constructing BBB secure PRF. IACR Trans. Symmetric Cryptol. 2018(3), 36\u201392 (2018)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"4_CR14","doi-asserted-by":"crossref","unstructured":"Datta, N., Dutta, A., Nandi, M., Talnikar, S.: Tight multi-user security bound of dbhts. IACR Trans. Symmetric Cryptol. 192\u2013223 (2023)","DOI":"10.46586\/tosc.v2023.i1.192-223"},{"key":"4_CR15","doi-asserted-by":"crossref","unstructured":"Dworkin, M.J.: Recommendation for block cipher modes of operation: the CMAC mode for authentication. NIST SP 800-38B (2005)","DOI":"10.6028\/NIST.SP.800-38b-2005"},{"key":"4_CR16","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/978-3-031-15777-6_4","volume-title":"ICICS 2022","author":"T Guo","year":"2022","unstructured":"Guo, T., Wang, P.: A note on the security framework of two-key DbHtS MACs. In: Alcaraz, C., Chen, L., Li, S., Samarati, P. (eds.) ICICS 2022. LNCS, vol. 13407, pp. 55\u201368. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-15777-6_4"},{"key":"4_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-662-53018-4_1","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"VT Hoang","year":"2016","unstructured":"Hoang, V.T., Tessaro, S.: Key-alternating ciphers and key-length extension: exact bounds and multi-user security. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 3\u201332. Springer, Heidelberg (2016). 
https:\/\/doi.org\/10.1007\/978-3-662-53018-4_1"},{"key":"4_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"381","DOI":"10.1007\/978-3-319-56614-6_13","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"VT Hoang","year":"2017","unstructured":"Hoang, V.T., Tessaro, S.: The multi-user security of double encryption. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10211, pp. 381\u2013411. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56614-6_13"},{"key":"4_CR19","unstructured":"ISO\/IEC: Information Technology \u2013 Security Techniques \u2013 Message Authentication Codes (MACs) \u2013 Part 1: Mechanisms Using a Block Cipher. ISO\/IEC 9797-1:2011 (2011)"},{"key":"4_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-540-39887-5_11","volume-title":"Fast Software Encryption","author":"T Iwata","year":"2003","unstructured":"Iwata, T., Kurosawa, K.: OMAC: one-key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129\u2013153. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-39887-5_11"},{"key":"4_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"402","DOI":"10.1007\/978-3-540-24582-7_30","volume-title":"Progress in Cryptology - INDOCRYPT 2003","author":"T Iwata","year":"2003","unstructured":"Iwata, T., Kurosawa, K.: Stronger security bounds for OMAC, TMAC, and XCBC. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 402\u2013415. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-24582-7_30"},{"key":"4_CR22","unstructured":"Jha, A., Nandi, M.: Revisiting structure graph and its applications to CBC-MAC and EMAC. IACR Cryptol. ePrint Arch. 161 (2016). 
http:\/\/eprint.iacr.org\/2016\/161"},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Kaufman, C., Hoffman, P.E., Nir, Y., Eronen, P., Kivinen, T.: Internet Key Exchange Protocol Version 2 (IKEv2). RFC 7296 (2014). https:\/\/www.rfc-editor.org\/info\/rfc7296","DOI":"10.17487\/rfc7296"},{"key":"4_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/3-540-36563-X_3","volume-title":"Topics in Cryptology \u2014 CT-RSA 2003","author":"K Kurosawa","year":"2003","unstructured":"Kurosawa, K., Iwata, T.: TMAC: two-key CBC MAC. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 33\u201349. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36563-X_3"},{"key":"4_CR25","unstructured":"Kurosawa, K., Iwata, T.: TMAC: two-key CBC MAC. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 87-A(1), 46\u201352 (2004)"},{"key":"4_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"575","DOI":"10.1007\/978-3-319-70697-9_20","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"A Luykx","year":"2017","unstructured":"Luykx, A., Mennink, B., Paterson, K.G.: Analyzing multi-key security degradation. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 575\u2013605. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70697-9_20"},{"key":"4_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"724","DOI":"10.1007\/978-3-030-64837-4_24","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2020","author":"A Morgan","year":"2020","unstructured":"Morgan, A., Pass, R., Shi, E.: On the adaptive security of MACs and PRFs. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12491, pp. 724\u2013753. Springer, Cham (2020). 
https:\/\/doi.org\/10.1007\/978-3-030-64837-4_24"},{"key":"4_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"209","DOI":"10.1007\/978-3-662-47989-6_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2015","author":"N Mouha","year":"2015","unstructured":"Mouha, N., Luykx, A.: Multi-key security: the even-mansour construction revisited. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 209\u2013223. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-47989-6_10"},{"key":"4_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"446","DOI":"10.1007\/978-3-319-70700-6_16","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"Y Naito","year":"2017","unstructured":"Naito, Y.: Blockcipher-based MACs: beyond the birthday bound without message length. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10626, pp. 446\u2013470. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70700-6_16"},{"key":"4_CR30","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1007\/978-3-031-58868-6_3","volume-title":"CT-RSA 2024","author":"Y Naito","year":"2024","unstructured":"Naito, Y.: The multi-user security of macs via universal hashing in the ideal cipher model. In: Oswald, E. (ed.) CT-RSA 2024. LNCS, vol. 14643, pp. 51\u201377. Springer, Cham (2024). https:\/\/doi.org\/10.1007\/978-3-031-58868-6_3"},{"issue":"2","key":"4_CR31","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1515\/JMC.2009.006","volume":"3","author":"M Nandi","year":"2009","unstructured":"Nandi, M.: Improved security analysis for OMAC as a pseudorandom function. J. Math. Cryptol. 3(2), 133\u2013148 (2009)","journal-title":"J. Math. 
Cryptol."},{"key":"4_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"328","DOI":"10.1007\/978-3-642-04159-4_21","volume-title":"Selected Areas in Cryptography","author":"J Patarin","year":"2009","unstructured":"Patarin, J.: The \u201ccoefficients H\u201d technique. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 328\u2013345. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04159-4_21"},{"key":"4_CR33","doi-asserted-by":"publisher","unstructured":"Poovendran, R., Song, J., Lee, J.: The AES-CMAC-96 Algorithm and Its Use with IPsec. RFC 4494 (2006). https:\/\/doi.org\/10.17487\/RFC4494. https:\/\/www.rfc-editor.org\/info\/rfc4494","DOI":"10.17487\/RFC4494"},{"key":"4_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"309","DOI":"10.1007\/978-3-030-84252-9_11","volume-title":"Advances in Cryptology \u2013 CRYPTO 2021","author":"Y Shen","year":"2021","unstructured":"Shen, Y., Wang, L., Gu, D., Weng, J.: Revisiting the security of DbHtS MACs: beyond-birthday-bound in the multi-user setting. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12827, pp. 309\u2013336. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84252-9_11"},{"key":"4_CR35","unstructured":"Song, J., Poovendran, R., Lee, J., Iwata, T.: The AES-CMAC algorithm. Technical report, RFC 4493 (2006)"},{"key":"4_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"366","DOI":"10.1007\/978-3-642-11925-5_25","volume-title":"Topics in Cryptology - CT-RSA 2010","author":"K Yasuda","year":"2010","unstructured":"Yasuda, K.: The sum of CBC\u00a0MACs is a secure PRF. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 366\u2013381. Springer, Heidelberg (2010). 
https:\/\/doi.org\/10.1007\/978-3-642-11925-5_25"},{"key":"4_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"596","DOI":"10.1007\/978-3-642-22792-9_34","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"K Yasuda","year":"2011","unstructured":"Yasuda, K.: A new variant of PMAC: beyond the birthday bound. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 596\u2013609. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_34"}],"container-title":["Lecture Notes in Computer Science","Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-75757-0_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,22]],"date-time":"2024-10-22T11:04:09Z","timestamp":1729595049000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-75757-0_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,17]]},"ISBN":["9783031757563","9783031757570"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-75757-0_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024,10,17]]},"assertion":[{"value":"17 October 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ISC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Arlington, VA","order":3,"name":"conference_city","label":"Conference 
City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 October 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 October 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"isw2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/isc24.cs.gmu.edu\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}