TY - GEN
T1 - Subverting MAC
T2 - 35th IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2016
AU - Al Mansoori, Fatema
AU - Baek, Joonsang
AU - Salah, Khaled
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2016/9/6
Y1 - 2016/9/6
N2 - Due to its efficiency, message authentication code (MAC) has widely been used to provide data integrity and authentication in the mobile computing environment. Subverting MAC schemes will have serious consequences as it undermines the authentication services that the MAC schemes are supposed to offer in such environment, for example, authentication for mobile payments and secure software updates in mobile devices. Subverting cryptographic schemes and protocols by subliminally modifying or replacing some parts of legitimate implementation of cryptography is newly conceptualized as 'algorithmic substitution attack (ASA)', and is receiving a great deal of attention recently. In this paper, we investigate issues related to the ASA on MAC: First, we formalize security notions for MAC against ASA. We then show that the randomized MAC, a popular scheme proposed to improve the security of MAC, is vulnerable to ASA. Furthermore, we discuss how our subversion attack can be applied to the EAP-PSK protocol (a pre-shared key extensible authentication protocol method), widely used in wireless networks including IEEE 802.11.
AB - Due to its efficiency, message authentication code (MAC) has widely been used to provide data integrity and authentication in the mobile computing environment. Subverting MAC schemes will have serious consequences as it undermines the authentication services that the MAC schemes are supposed to offer in such environment, for example, authentication for mobile payments and secure software updates in mobile devices. Subverting cryptographic schemes and protocols by subliminally modifying or replacing some parts of legitimate implementation of cryptography is newly conceptualized as 'algorithmic substitution attack (ASA)', and is receiving a great deal of attention recently. In this paper, we investigate issues related to the ASA on MAC: First, we formalize security notions for MAC against ASA. We then show that the randomized MAC, a popular scheme proposed to improve the security of MAC, is vulnerable to ASA. Furthermore, we discuss how our subversion attack can be applied to the EAP-PSK protocol (a pre-shared key extensible authentication protocol method), widely used in wireless networks including IEEE 802.11.
UR - http://www.scopus.com/inward/record.url?scp=84988872973&partnerID=8YFLogxK
U2 - 10.1109/INFCOMW.2016.7562200
DO - 10.1109/INFCOMW.2016.7562200
M3 - Conference contribution
AN - SCOPUS:84988872973
T3 - Proceedings - IEEE INFOCOM
SP - 870
EP - 874
BT - 2016 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2016
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 10 April 2016 through 14 April 2016
ER -