Automated Analysis and Synthesis of Message Authentication Codes
Message Authentication Codes (MACs) represent a fundamental symmetric key primitive, serving to ensure the authenticity and integrity of transmitted data. As a building block in authenticated encryption and in numerous deployed standards, including TLS, IPsec, and SSH, MACs play a central role in pr...
Saved in:
| Published in | Proceedings (IEEE Computer Security Foundations Symposium) pp. 489 - 504 |
|---|---|
| Main Authors | , , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
16.06.2025
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 2374-8303 |
| DOI | 10.1109/CSF64896.2025.00015 |
Cover
| Abstract | Message Authentication Codes (MACs) represent a fundamental symmetric key primitive, serving to ensure the authenticity and integrity of transmitted data. As a building block in authenticated encryption and in numerous deployed standards, including TLS, IPsec, and SSH, MACs play a central role in practice. Due to their importance for practice, MACs have been subject to extensive research, leading to prominent schemes such as HMAC, CBCMAC, or LightMAC. Despite the existence of various MACs, there is still considerable interest in creating schemes that are more efficient, potentially parallelizable, or have specific non-cryptographic attributes, such as being patent-free. In this context, we introduce an automated method for analyzing and synthesizing MAC schemes. In order to achieve this goal, we have constructed a framework that restricts the class of MACs in such a way that it is sufficiently expressive to cover known constructions, yet also admits automated reasoning about the security guarantees of both known and new schemes. Our automated analysis has identified a novel category of MACs, termed "hybrid" MACs. These MACs operate by processing multiple blocks concurrently, with each block managed by a different, specified MAC scheme. A key finding is that in certain scenarios, the hybrid MAC marginally outperforms the simultaneous operation of the individual MACs. This improvement is attributed to the hybrid approach exploiting the strengths and compensating for the weaknesses of each distinct MAC scheme involved. Our implementation confirms that we have successfully identified new schemes that have comparable performance with state-of-the-art schemes and in some settings seem to be slightly more efficient. |
|---|---|
| AbstractList | Message Authentication Codes (MACs) represent a fundamental symmetric key primitive, serving to ensure the authenticity and integrity of transmitted data. As a building block in authenticated encryption and in numerous deployed standards, including TLS, IPsec, and SSH, MACs play a central role in practice. Due to their importance for practice, MACs have been subject to extensive research, leading to prominent schemes such as HMAC, CBCMAC, or LightMAC. Despite the existence of various MACs, there is still considerable interest in creating schemes that are more efficient, potentially parallelizable, or have specific non-cryptographic attributes, such as being patent-free. In this context, we introduce an automated method for analyzing and synthesizing MAC schemes. In order to achieve this goal, we have constructed a framework that restricts the class of MACs in such a way that it is sufficiently expressive to cover known constructions, yet also admits automated reasoning about the security guarantees of both known and new schemes. Our automated analysis has identified a novel category of MACs, termed "hybrid" MACs. These MACs operate by processing multiple blocks concurrently, with each block managed by a different, specified MAC scheme. A key finding is that in certain scenarios, the hybrid MAC marginally outperforms the simultaneous operation of the individual MACs. This improvement is attributed to the hybrid approach exploiting the strengths and compensating for the weaknesses of each distinct MAC scheme involved. Our implementation confirms that we have successfully identified new schemes that have comparable performance with state-of-the-art schemes and in some settings seem to be slightly more efficient. |
| Author | Paulus, Dominik Milius, Stefan Thomas, Julian Schroder, Lutz Schroder, Dominique |
| Author_xml | – sequence: 1 givenname: Stefan surname: Milius fullname: Milius, Stefan email: stefan.milius@fau.de organization: Friedrich-Alexander-Universität,Erlangen-Nürnberg – sequence: 2 givenname: Dominik surname: Paulus fullname: Paulus, Dominik email: dominik.paulus@fau.de organization: Friedrich-Alexander-Universität,Erlangen-Nürnberg – sequence: 3 givenname: Dominique surname: Schroder fullname: Schroder, Dominique email: dominique.schroeder@tuwien.ac.at organization: TU Wien – sequence: 4 givenname: Lutz surname: Schroder fullname: Schroder, Lutz email: lutz.schroeder@fau.de organization: Friedrich-Alexander-Universität,Erlangen-Nürnberg – sequence: 5 givenname: Julian surname: Thomas fullname: Thomas, Julian email: julian.thomas@fau.de organization: Friedrich-Alexander-Universität,Erlangen-Nürnberg |
| BookMark | eNotkEFOwzAQRQ0Cibb0BLDwBRJm4tixd0QRBaQiFu2-mthTGtQ6qDaL3h4qWH096ekt_lRcxTGyEHcIJSK4h261MLV1pqyg0iUAoL4Qc9c4qxRqBIvNpZhUqqkLq0DdiGlKnwAGHFYT8dh-5_FAmYNsI-1PaUiSYpCrU8w7PtO4lW-cEn2w_HV3HPPgKQ9jlN0YON2K6y3tE8__dybWi6d191Is359fu3ZZDE7lAllTVTv0DKYJxBZDr3VtfG906AFUTwQMDaOv2LOubc3eeu2DIUu9UjNx_5cdmHnzdRwOdDxtzgc01ij1A03mTI0 |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/CSF64896.2025.00015 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9798331510817 |
| EISSN | 2374-8303 |
| EndPage | 504 |
| ExternalDocumentID | 11097863 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: Deutsche Forschungsgemeinschaft grantid: 393541319/GRK2475/1-2019 funderid: 10.13039/501100001659 |
| GroupedDBID | 6IE 6IL 6IN AAWTH ABLEC ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK OCL RIE RIL RNS |
| ID | FETCH-LOGICAL-i93t-1e5a2491ce067dae81db5546cb65db003baa0e07e1c2ece5484ec8c5cd6a8ab33 |
| IEDL.DBID | RIE |
| IngestDate | Wed Aug 20 06:20:55 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i93t-1e5a2491ce067dae81db5546cb65db003baa0e07e1c2ece5484ec8c5cd6a8ab33 |
| PageCount | 16 |
| ParticipantIDs | ieee_primary_11097863 |
| PublicationCentury | 2000 |
| PublicationDate | 2025-June-16 |
| PublicationDateYYYYMMDD | 2025-06-16 |
| PublicationDate_xml | – month: 06 year: 2025 text: 2025-June-16 day: 16 |
| PublicationDecade | 2020 |
| PublicationTitle | Proceedings (IEEE Computer Security Foundations Symposium) |
| PublicationTitleAbbrev | CSF |
| PublicationYear | 2025 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0060912 |
| Score | 2.297226 |
| Snippet | Message Authentication Codes (MACs) represent a fundamental symmetric key primitive, serving to ensure the authenticity and integrity of transmitted data. As a... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 489 |
| SubjectTerms | Authentication Codes Cognition Encryption Message authentication program synthesis pseudorandom function symmetric-key authentication |
| Title | Automated Analysis and Synthesis of Message Authentication Codes |
| URI | https://ieeexplore.ieee.org/document/11097863 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1LS8NAEB5sT57qo-KbPXjdNmk2m81NKZYiWIRW6K3sYyIiJKLJwf56d_JQEQRPSZZNNuyy-WYm33wDcBUoLWITRhwTtFyIOOBKp4pbzOIkNcZkribILuT8Udyt43WbrF7nwiBiTT7DEZ3W__JdYSsKlY1JHTNRMupBzx-aZK3usys98E1aWSHfbTxdzqRQKbEQJhQ2Cajw7Y8CKjV-zAaw6EZuaCMvo6o0I7v9Jcr471fbg-F3qh57-AKhfdjB_AAGXa0G1m7dQ7i-qcrCW6foWKdDwnTu2PIj9yYgXRUZu6d6KE_IKG5GLKImnMemhcP3Iaxmt6vpnLfVE_hzGpU8xFh71yq06PHIafR2qSFGmjUydrSXjdYBBgmGdoIWveMi0CobWye10iaKjqCfFzkeAzNZoJwR_gadilQ7bb2XYzB0_onCaXECQ5qQzWujj7Hp5uL0j_Yz2KVFIcJVKM-hX75VeOGhvTSX9ZJ-Atl0pk8 |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1JS8NAFH5oPeipLhV35-A1bdLMJJObUixV2yK0Qm9lllcRIRFNDvrrnZdFRRC8ZUJmEmaYvGW-930AF75UXOgg9DBG43EufE-qRHoGVyJOtNYrWwJkp9Hogd8uxKIuVi9rYRCxBJ9hly7Ls3ybmYJSZT1ix4xlFK7DhuBu3Kpcq_nxRs709WtiIfdgbzAbRlwmhEPoU-LEJ-nbHxIqpQUZtmHavLsCjjx3i1x3zccvWsZ_f9w2dL6L9dj9lxnagTVMd6HdqDWwevPuweVVkWfOP0XLGiYSplLLZu-pcwKpla3YhBRRHpFR5oxwRFVCjw0yi28dmA-v54ORV-sneE9JmHsBCuWCq8Cgs0hWofNMNWHSjI6Epd2slfLRjzEwfTToQheORhphbKSk0mG4D600S_EAmF750mruOqiEJ8oq4-IcjYF1I3Kr-CF0aEKWLxVDxrKZi6M_7p_D5mg-GS_HN9O7Y9iiBSL4VRCdQCt_LfDUGfpcn5XL-wm8z6mc |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=Proceedings+%28IEEE+Computer+Security+Foundations+Symposium%29&rft.atitle=Automated+Analysis+and+Synthesis+of+Message+Authentication+Codes&rft.au=Milius%2C+Stefan&rft.au=Paulus%2C+Dominik&rft.au=Schroder%2C+Dominique&rft.au=Schroder%2C+Lutz&rft.date=2025-06-16&rft.pub=IEEE&rft.eissn=2374-8303&rft.spage=489&rft.epage=504&rft_id=info:doi/10.1109%2FCSF64896.2025.00015&rft.externalDocID=11097863 |