SEC-CMAC A New Message Authentication Code Based on the Symmetrical Evolutionist Ciphering Algorithm

Introduction

Computer networks allowed us to communicate in new ways. They erased physical borders and made the world more interconnected. However, transmitting data over insecure and arbitrary channels (Książak, 2014), makes it subject to interception by malicious entities (Kumari, 2017; Li, 2017a, 2017b, 2017c).

It became necessary to develop tools to establish trustworthy network communications and reliable connection management processes to establish digital identity. This way, the sender and the receiver entities can communicate their private data in a secure fashion (Kumari, 2017; Li, 2017a, 2017b).

In addition, the authenticity of data should be ensured during the transmission, the processing and the storage, so that malicious users or intruders cannot intercept or alter them (Książak, 2014).

Cryptography, the science of encrypting and decrypting messages, can help secure the transmission of data by guaranteeing data authenticity and protecting privacy. One cryptography concept that works toward ensuring both data authenticity and privacy protection is Message Authentication Code (MAC). It was defined by the National Institute of Standards and Technology (NIST). In general, a MAC function generates a digit from the plaintext and a secret key. The digit, sent along with the plaintext, is called a tag (see Figure 1). In practice, the MAC functions proved to be hard to break due to their good resistance to forgery (as it is hard to have two messages with the same valid tag) (Bellare, 1996).

Figure 1.

General MAC generation

There exist two broad families of MAC functions: MAC functions based on cryptographic hash functions or MAC functions based on a cipher. The hash-based MAC functions (or HMAC) use a hash function and a secret key to generate a MAC and are mainly used in network protocols such as SSH, IPSec or TLS (Dang, 2008). The cipher-based MAC functions (or CMAC) use a symmetric key cipher algorithm to generate a MAC (Dworkin, 2005). Their wide use can be explained by their ability to optimize the size of the code. When using a symmetric cipher algorithm, some of the modes used to produce MACs are the Offset Code Book mode (OCB) (Rogaway, 2003), the Cipher Block Chaining mode (CBC-MAC) (Frankel, 2003) and the Cipher-Based mode (CMAC) (Dworkin, 2005). The CBC-MAC mode is no more recommended since it is secure only for fixed-length messages. CMAC is the mode recommended by the NIST and is the secure successor of the CBC-MAC. It guarantees that the MAC generated is as secure as the cipher algorithm upon which it is constructed (Bernstein, 2005).

The main purpose of our work is to design a MAC function using the Symmetrical Evolutionist Ciphering (SEC) algorithm. SEC is one of the first symmetrical encryption algorithms integrating an evolutionary algorithm. Its strength lies in its ability to change plaintext’s characters appearance frequency and positions (Omary, 2006).