Security Aspects of Soft Verified Messages Protected by Message Authentication Codes

The subject of this paper is the security analysis of soft verification. Soft verification is used, when messages protected by Message Authentication Codes (MAC) are transmitted over the noisy channel without Automatic Re-peat Request (ARQ) protocol. This situation is given with the secure real-time, satellite or broadband communication. Forward Error Correction (FEC) Codes are able to correct many errors, but not all of them. These remaining errors disable a successful authentication of messages protected by MACs. Many applications, multimedia or biometric for example, would accept messages with a few or local errors. Therefore, an authentication method is requested, which accepts messages as authentic, although they would be rejected by the standard verification. Such a method is supported by soft authentication. Two groups of soft authentication algorithms will be described: algorithms, which generate error tolerant MACs, whose security aspects were already published, and an soft verification, based on soft decision decoding, whose security aspects have not yet been published. The security level of soft verified messages is reduced. The risk of forgery and security loss will be calculated. Formulas will be presented for the extension of the lengths of MACs to compensate for the reduction of the security level. Results show remarkable coding gains. Many more messages can be accepted as authentic by soft verification at the same security level compared to standard verification without soft verification.