Movatterモバイル変換

[0]ホーム
URL:

Jump to content
WikipediaThe Free Encyclopedia
Search

Message Authenticator Algorithm

From Wikipedia, the free encyclopedia

TheMessage Authenticator Algorithm (MAA) was one of the firstcryptographic functions for computing amessage authentication code (MAC).

History

[edit]

It was designed in 1983 byDonald Davies and David Clayden at theNational Physical Laboratory (United Kingdom) in response to a request of the UK Bankers Automated Clearing Services. The MAA was one of the first Message Authentication Code algorithms to gain widespread acceptance.

Development and standardization

[edit]

The original specification[1][2] of the MAA was given in a combination of natural language and tables, complemented by two implementations inC andBASIC programming languages.

The MAA was adopted byISO in 1987 and became part of international standards ISO 8730[3][4] and ISO 8731-2[5] intended to secure the authenticity and integrity of banking transactions.

Attacks

[edit]

Later, cryptanalysis of MAA revealed various weaknesses, including feasible brute-force attacks, existence of collision clusters, and key-recovery techniques.[6][7][8][9] For this reason, MAA was withdrawn from ISO standards in 2002 but continued to be used as a prominent case study for assessing variousformal methods.[10]

Formal specifications of the MAA

[edit]

The MAA has been used as a prominent case study for assessing variousformal methods.

In the early 1990s, theNPL developed three formal specifications of the MAA: one inZ,[11] one inLOTOS,[12] and one inVDM.[13][14] The VDM specification became part of the 1992 revision of the International Standard 8731-2, and three implementations were manually derived from that latter specification:C,Miranda, andModula-2.[15]

Other formal models of the MAA have been developed. In 2017, a complete formal specification of the MAA as a largeterm rewriting system was published;[16] From this specification,implementations of the MAA in fifteen different languages have been generated automatically. In 2018, two new formal specifications of the MAA, inLOTOS and LNT, have been published.[17]

References

[edit]
  1. ^Davies, Donald W. (1985). "A Message Authenticator Algorithm Suitable for a Mainframe Computer".Advances in Cryptology – Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques (CRYPTO’84), Santa Barbara, CA, USA. Lecture Notes in Computer Science. Vol. 196. Springer. pp. 393–400.doi:10.1007/3-540-39568-7_30.
  2. ^Davies, Donald W.; Clayden, David O. (1988).The Message Authenticator Algorithm (MAA) and its Implementation(PDF) (NPL Report DITC 109/88). Teddington, Middlesex, UK: National Physical Laboratory.
  3. ^International Organization for Standardization (1987). International Standard 8731-2. Approved Algorithms for Message Authentication – Part 2: Message Authenticator Algorithm (MAA) (Report). Geneva.
  4. ^International Organization for Standardization (1992). International Standard 8731-2. Approved Algorithms for Message Authentication – Part 2: Message Authenticator Algorithm (MAA) (Report). Geneva.
  5. ^International Organization for Standardization (1990). International Standard 8730. Requirements for Message Authentication (Wholesale) (Report). Geneva.
  6. ^Preneel, Bart; van Oorschot, Paul C. (1996).On the Security of Two MAC Algorithms. Advances in Cryptology – Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT’96), Saragossa, Spain. Lecture Notes in Computer Science. Vol. 1070. Springer. pp. 19–32.doi:10.1007/3-540-68339-9_3.
  7. ^Preneel, Bart; van Oorschot, Paul C. (1999). "On the Security of Iterated Message Authentication Codes".IEEE Transactions on Information Theory.45 (1):188–199.doi:10.1109/18.746787.
  8. ^Preneel, Bart; Rumen, Vincent; van Oorschot, Paul C. (1997). "Security Analysis of the Message Authenticator Algorithm (MAA) -journal=European Transactions on Telecommunications".8 (5):455–470.doi:10.1002/ett.4460080504.{{cite journal}}:Cite journal requires|journal= (help)
  9. ^Rijmen, Vincent; Preneel, Bart; De Win, Erik (1996).Key Recovery and Collision Clusters for MAA(PDF). Proceedings of the 1st International Conference on Security in Communication Networks (SCN’96).
  10. ^Preneel, Bart (2011)."MAA".Encyclopedia of Cryptography and Security. Encyclopedia of Cryptography and Security. pp. 741–742.doi:10.1007/978-1-4419-5906-5_591.ISBN 978-1-4419-5905-8. Retrieved3 May 2021.
  11. ^M. K. F. Lai (1991). A Formal Interpretation of the MAA Standard in Z (NPL Report DITC 184/91). Teddington, Middlesex, UK: National Physical Laboratory.
  12. ^Harold B. Munster (1991).LOTOS Specification of the MAA Standard, with an Evaluation of LOTOS(PDF) (NPL Report DITC 191/91). Teddington, Middlesex, UK: National Physical Laboratory. Archived fromthe original(PDF) on 2017-07-06.
  13. ^Graeme I. Parkin; G. O’Neill (1990). Specification of the MAA Standard in VDM (NPL Report DITC 160/90). National Physical Laboratory, Teddington, Middlesex, UK.
  14. ^Graeme I. Parkin; G. O’Neill (1991). Søren Prehn; W. J. Toetenel (eds.).Specification of the MAA Standard in VDM. Formal Software Development – Proceedings (Volume 1) of the 4th International Symposium of VDM Europe (VDM’91), Noordwijkerhout, The Netherlands. Lecture Notes in Computer Science. Vol. 551. Springer. pp. 526–544.doi:10.1007/3-540-54834-3_31.
  15. ^R. P. Lampard (1991). An Implementation of MAA from a VDM Specification (NPL Technical Memorandum DITC 50/91). Teddington, Middlesex, UK: National Physical Laboratory.
  16. ^Garavel, Hubert; Marsso, Lina (2017).A Large Term Rewrite System Modelling a Pioneering Cryptographic Algorithm. Proceedings of the 2nd Workshop on Models for Formal Analysis of Real Systems (MARS'17), Uppsala, Sweden. Electronic Proceedings in Theoretical Computer Science. Vol. 244. pp. 129–183.arXiv:1703.06573.doi:10.4204/EPTCS.244.6.
  17. ^Garavel, Hubert; Marsso, Lina (2018).Comparative Study of Eight Formal Specifications of the Message Authenticator Algorithm. Proceedings of the 3nd Workshop on Models for Formal Analysis of Real Systems (MARS'18) and 6th International Workshop on Verification and Program Transformation (MARS/VPT 2018), Thessaloniki, Greece. Electronic Proceedings in Theoretical Computer Science. Vol. 268. pp. 41–87.arXiv:1803.10322.doi:10.4204/EPTCS.268.2.

External links

[edit]
Common functions
SHA-3 finalists
Other functions
Password hashing/
key stretching functions
General purpose
key derivation functions
MAC functions
Authenticated
encryption modes
Attacks
Design
Standardization
Utilization
General
Mathematics
Retrieved from "https://en.wikipedia.org/w/index.php?title=Message_Authenticator_Algorithm&oldid=1292507603"
Categories:
Hidden category:
[8]ページ先頭
©2009-2025 Movatter.jp