An A-code is a matrix E x M, where e is the encoding rule used, and m
is the message the transmitter should send (output).  The message to
be authenticated (input) is s in { s_1 .. s_k },  and the contents of
the matrix are members of such that every row (encoding rule) contains
s_1..s_k.  In schemes with secrecy, there is an additional constraint
that each column include each of s_1..s_k.  Any unused cells are
filled with 0, indicating that the message/encoding combination is
invalid and indicative that the message is fraudulent.

Put another way, if f : S x E -> M is a map, then f is onto and for
each encoding rule e, the map f(o , e) : S -> M defined by s -> f(s,e)
is one-to-one.

Furthermore, the code is minimal if |E| = |M|.  As I understand it,
this means there are no matrix elements containing 0.  This is
ostensibly desirable as it minimizes the number of bits necessary to
encode the encoding rule (lg |E|).  However, it would appear to
provide no protection against substitution or impersonation.


Is that last statement correct?

Isn't it the case that every minimal authentication code with secrecy
is also a latin square?

...just wanted to be sure I was understanding it correctly...
"Curiousity killed the cat, but for a while I was a suspect" -- Steven Wright
Security Guru for Hire -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to