I would like to insert a key deriving function into EAX mode, in order to hamper brute-force attacks for a key-size restricted cipher (56 bits). The modification inserts an identical multi-block pattern S behind the corresponding tweaks:
Original: OMAC(T||...) where the 128-bit tweak T is either 0, 1, 2.
Modification: OMAC(T||S||...)
The state of the MAC behind S is different for disjunct tweaks, because the MAC's state behind S can be decrypted back to the original tweak, and identical states would yield identical tweaks.
Is this EAX extension weakening the (provable) security of EAX?
We need at least 10 more requests to produce the answer.
0 / 10 have requested this problem solution
The more requests, the faster the answer.
I would like to insert a key deriving function into EAX mode, in order to hamper...