Is the tag generated in MAC equal for equal messages in CBC-MAC?

Abhisek Dash

2/8/23, 9:59 AM

The Cipher Block Chaining algorithm for generating message authentication codes uses a 0 IV . So my understanding is that same messages will generate same MACs which seems to violate semantic security. An attacker may deduce that 2 messages are same by looking at the MAC. Is my intuition correct?

0 + 0

initialization-vector

semantic-security

cbc-mac

Score:2

Crypto

Maarten Bodewes

2/8/23, 10:30 AM

First of all, you seem to be talking about semantic security for a cipher. So I'll answer from that perspective. There is no security requirement for a MAC to be indistinguishable for identical messages after all.

So, from that perspective, your intuition is correct. However, generally we perform encrypt-then-MAC, and in that case the IV should be included as well. As the IV should be at least unique and the ciphertext should be randomized, we should not get the same MAC even for the same messages.

The semantic security issue only becomes an issue if you perform a "Encrypt-and-MAC". Quoted from the answer above:

May reveal information about the plaintext in the MAC. Theoretical, of course, but a less than ideal scenario. This occurs if the plaintext messages are repeated, and the MACed data does not include a counter (it does in the SSH 2 protocol, but only as a 32-bit counter, so you should take care to re-key before it overflows).

In AEAD ciphers sometimes a slightly different method is used: GMAC is over the plaintext message, but it is dependent on the nonce, which should of course be unique for each message.

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Is the tag generated in MAC equal for equal messages in CBC-MAC?

TH: แท็กที่สร้างใน MAC เท่ากับข้อความที่เท่ากันใน CBC-MAC หรือไม่

RO: Este eticheta generată în MAC egală pentru mesaje egale în CBC-MAC?

RU: Является ли тег, сгенерированный в MAC, одинаковым для одинаковых сообщений в CBC-MAC?

VI: Thẻ được tạo trong MAC có bằng nhau cho các thông báo bằng nhau trong CBC-MAC không?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.