Economically Optimal Variable Tag Length Message Authentication

Cryptographic authentication protects messages against forgeries. In real life, messages carry information of different value and the gain of the adversary in a successful forgery and the corresponding cost of the system designers, depend on the “meaning” of the message. This is easy o see by comparing the successful forgery of a $1,000 transaction with the forgery of a $1 one. Cryptographic protocols require computation and increase communication cost of the system, and an economically optimal system must optimize these costs such that message protection be commensurate to their values. This is especially important for resource limited devices that rely on battery power. A MAC (Message Authentication Code) provides protection by appending a cryptographic tag to the message. For secure MACs, the tag length is the main determinant of the security level: longer tags provide higher protection and at the same time increase the communication cost of the system. Our goal is to find the economically optimal tag lengths when messages carry information of different values.

[1]  Tyler Moore,et al.  The Iterated Weakest Link - A Model of Adaptive Security Investment , 2016, WEIS.

[2]  Jonathan Katz,et al.  Fair Computation with Rational Players , 2012, EUROCRYPT.

[3]  Juliane Hahn,et al.  Security And Game Theory Algorithms Deployed Systems Lessons Learned , 2016 .

[4]  Moni Naor,et al.  Cryptography and Game Theory: Designing Protocols for Exchanging Information , 2008, TCC.

[5]  Gustavus J. Simmons,et al.  Authentication Theory/Coding Theory , 1985, CRYPTO.

[6]  F. MacWilliams,et al.  Codes which detect deception , 1974 .

[7]  Ronald L. Rivest,et al.  FlipIt: The Game of “Stealthy Takeover” , 2012, Journal of Cryptology.

[8]  Milind Tambe,et al.  Approximation methods for infinite Bayesian Stackelberg games: modeling distributional payoff uncertainty , 2011, AAMAS.

[9]  Ran Canetti,et al.  Toward a Game Theoretic View of Secure Computation , 2011, Journal of Cryptology.

[10]  Vincent Conitzer,et al.  Computing the optimal strategy to commit to , 2006, EC '06.

[11]  Mihir Bellare,et al.  The Security of the Cipher Block Chaining Message Authentication Code , 2000, J. Comput. Syst. Sci..

[12]  Ingrid Verbauwhede VLSI design methods for low power embedded encryption , 2016, 2016 International Great Lakes Symposium on VLSI (GLSVLSI).

[13]  Vladik Kreinovich,et al.  Security games with interval uncertainty , 2013, AAMAS.

[14]  Yehuda Lindell,et al.  Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries , 2007, Journal of Cryptology.

[15]  Jens Grossklags,et al.  Blue versus Red: Towards a Model of Distributed Security Attacks , 2009, Financial Cryptography.

[16]  Lyman Chapin,et al.  THE INTERNET OF THINGS : AN OVERVIEW Understanding the Issues and Challenges of a More Connected World , 2015 .

[17]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[18]  Georg Fuchsbauer,et al.  Efficient Rational Secret Sharing in Standard Communication Networks , 2010, IACR Cryptol. ePrint Arch..

[19]  Joos Vandewalle,et al.  The mathematical relation between the economic, cryptographic and information theoretical aspects of authentication , 1983 .

[20]  Joseph Y. Halpern,et al.  Rational secret sharing and multiparty computation: extended abstract , 2004, STOC '04.

[21]  Joseph Y. Halpern,et al.  Game theory with costly computation: formulation and application to protocol security , 2010, ICS.

[22]  Sarit Kraus,et al.  Playing games for security: an efficient exact algorithm for solving Bayesian Stackelberg games , 2008, AAMAS.

[23]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[24]  Ariel Rubinstein,et al.  A Course in Game Theory , 1995 .

[25]  Ueli Maurer,et al.  Rational Protocol Design: Cryptography against Incentive-Driven Adversaries , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[26]  Amitav Mukherjee,et al.  Physical-Layer Security in the Internet of Things: Sensing and Communication Confidentiality Under Resource Constraints , 2015, Proceedings of the IEEE.

[27]  Danny Dolev,et al.  Distributed computing meets game theory: robust mechanisms for rational secret sharing and multiparty computation , 2006, PODC '06.

[28]  Hal R. Varian,et al.  System Reliability and Free Riding , 2004, Economics of Information Security.