Fast Message Authentication Code for Multiple Messages with Provable Security

In this paper we consider authentication of multiple messages m1, m2, ?, mL where each message mi consists of s bits. We propose a scheme for the computation of a message authentication code (MAC) tag t, of m1, m2, ?, mL that takes constant time (time that is independent of L) and has a tag length that is constant or independent of L. The verification time of the proposed scheme is also constant. Current schemes result in tag computation and verification times proportional to L and are hence less efficient than the proposed scheme. The proposed scheme uses a modification of division by an irreducible polynomial over GF(2) in order to compress the L messages. The compressed result is then input to a pseudorandom function Fk(.) to obtain a secure tag t. We prove the security of the proposed MAC scheme. The proposed scheme has applications in sensor networks where many messages having one tag can reduce the number of bits being transmitted by a sensor node, thereby reducing the power consumption at a sensor node. Another application is in multimedia authentication, where a large multimedia data file can be split up into smaller segments whose MAC tag can be computed at high speed using the proposed scheme.