Algorithmic selection of MAC tag length for short messages: balancing the risks of substitution, delay, and throughput
DOI:
https://doi.org/10.46299/j.isjea.20250406.02Keywords:
Message Authentication Code, data integrity, short messages, truncated tag, cryptographic robustness, substitution risk, throughputAbstract
In modern telecommunications systems, Internet of Things networks, mobile devices, and embedded sensor platforms, the transmission of short messages with guaranteed integrity and authenticity is a critical element of information security. In such environments, Message Authentication Code is the primary mechanism for protecting against data tampering, but the selection of the optimal tag length remains an open problem. An excessively long tag increases the load on the channel, increases latency, and reduces system throughput, while an excessively short tag significantly reduces resistance to attacks and increases the likelihood of successful spoofing. This problem is particularly acute for short control, telemetry, or synchronization packets, where the tag can constitute a large part of the total data volume transmitted. The research focuses on the algorithmic selection of the tag length, which provides an optimal balance between the level of protection, processing delays, and communication channel efficiency. The study considers the features of using truncated tags. The impact of tag length on the probability of substitution, the frequency of acceptable errors, channel load, and power consumption in resource-constrained systems is analyzed. Risk assessment models are presented depending on the transmission intensity, protocol restrictions, key rotation time, and characteristics of the attack environment. It is shown that for most short messages, truncated tags with a length of 32-64 bits provide optimal security and high throughput, while the use of 96-128-bit tags is justified only in high-risk or mission-critical systems. The practical significance of the results lies in the possibility of using the proposed approaches in the design of modern protocols, industrial networks, wireless sensor systems, and lightweight cryptographic mechanisms, where a combination of high security and transmission efficiency is important.References
Лабзов Д. І. Аналіз методів організації інфраструктури IoT. https://ela.kpi.ua/handle/123456789/42181
Wagner E., Serror M., Wehrle K., Henze M. (2022). BP-MAC: Fast authentication for short messages. arXiv. https://doi.org/10.48550/arXiv.2205.09635
Mouha N., Mennink B., Van Herrewege A., Watanabe D. Preneel, B. Verbauwhede, I. (2014). Chaskey: An efficient MAC algorithm for 32-bit microcontrollers. In A. Joux & A. Youssef (Eds.), Selected areas in cryptography – SAC 2014 (pp. 306-323). Springer. https://doi.org/10.1007/978-3-319-13051-4_19
Gueron S., Langley A., Lindell Y. (2019). AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption. RFC 8452. Internet Engineering Task Force. IETF https:/doi.org/10.17487/RFC8452
Shin S., Kim M., Kwon T. (2017). Experimental performance analysis of lightweight block ciphers and message authentication codes for wireless sensor networks. International Journal of Distributed Sensor Networks, 13(11). https://doi.org/10.1177/1550147717744169
Dworkin M. Recommendation for Block Cipher Modes of Operation: CMAC Mode for Authentication (NIST Special Publication 800-38B). https://doi.org/10.6028/NIST.SP.800-38B
Dworkin M. (2007). Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC (NIST SP 800-38D). https://doi.org/10.6028/NIST.SP.800-38D
Whiting D., Housley R., Ferguson, N. (2003). Counter with CBC-MAC (CCM) (RFC 3610). IETF. https://doi.org/10.17487/RFC3610
Bellare M., Canetti R., Krawczyk H. (1996). Keying Hash Functions for Message Authentication. https://cseweb.ucsd.edu/~mihir/papers/kmd5.pdf
Capra F. (2025). Performance analysis of MAC algorithms: Benchmarking for automotive embedded systems [Master's thesis, University of Turku]. UTUPub. https://www.utupub.fi/handle/10024/194263
Hashimoto K., Katsumata S., Pascual-Perez G. (2025). Exploring how to authenticate application messages in MLS: More efficient, post-quantum, and anonymous blocklistable (Cryptology ePrint Archive, Report 2025/426). https://eprint.iacr.org/2025/426
Rogaway, P. (2011). Evaluation of some blockcipher modes of operation. https://web.cs.ucdavis.edu/~rogaway/papers/modes.pdf
Fernández-Hernández I., Ashur T., Rijmen V. (2021). Analysis and recommendations for MAC and key lengths in delayed disclosure GNSS authentication protocols (Cryptology ePrint Archive, Report 2021/784). https://eprint.iacr.org/2021/784
Wagner E., Serror M., Wehrle K., Henze M. (2023). When and how to aggregate message authentication codes on lossy channels? arXiv. https://doi.org/10.48550/arXiv.2312.09660
Nandi M. (2021). LedMAC: More efficient variants of LightMAC (Cryptology ePrint Archive, Report 2021/1210). https://eprint.iacr.org/2021/1210
Krawczyk H., Eronen P. (2010). HMAC-based Extract-and-Expand Key Derivation Function (HKDF) (RFC 5869). IETF. https://doi.org/10.17487/RFC5869
Bard G.V. (2006). A Challenging but Feasible Blockwise-Adaptive Chosen-Plaintext Attack on SSL. Cryptology ePrint Archive. https://eprint.iacr.org/2006/136
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Igor Andrushchak, Oleksandr Koloshko
This work is licensed under a Creative Commons Attribution 4.0 International License.
