Truncating GNU Umac32 output length

Question

I'm using the GNU crypto class called UMac32 to create Message Authentication Codes. You can read the documentation here:
http://www.gnu.org/software/gnu-crypto/manual/api/gnu/crypto/mac/UMac32.html

It is working now, but I'd like to be able to get a shorter output. There is a field inherited from the interface Imac called TRUNCATED_SIZE that I thought that I could use to do, but it is not working as expected.

Here is my code:

String message = "Hello World!";
String MAC_KEY_MATERIAL = "gnu.crypto.mac.key.material";
String TRUNCATED_SIZE = "gnu.crypto.mac.truncated.size";
String NONCE_MATERIAL = "gnu.crypto.umac.nonce.material";

Map attributes = new HashMap();
attributes.put(MAC_KEY_MATERIAL, PRIVATE_KEY.getBytes());
attributes.put(TRUNCATED_SIZE, 4);
attributes.put(NONCE_MATERIAL, PRIVATE_NONCE.getBytes());

uMac32.init(attributes);

byte[] data = message.getBytes("ASCII");
uMac32.update(data, 0, message.length());
uMac32.digest();

From the digest() function I'm getting a byte array with a length of 8.

Is it possible to get a shorter result using this class?

Thanks in advance

Answer 1

From the code of the UMac32 class:

for (int i = 0; i < OUTPUT_LEN; i++)
{
    result[i] = (byte) (result[i] ^ pad[i]);
}

Where OUTPUT_LEN is defined as a constant with value 8. The UMAC-OUTPUT-LEN defined in the JavaDoc is not a configurable parameter of the implementation but one for the UMAC algorithm (as Perseids has clarified).

So the only thing you can do is to truncate the result manually. This is something that is actually cryptographically sound; hashes and MAC authentication tags are often truncated, leaving just the least significant (leftmost) bytes. However, a tag of 8 bytes is approximately the minimum already; anything less will lessen the cryptographic strength of the function.