Message Authentication Codes.

Suppose KeyGen ${?}_1,$ Tag ${?}_1,$ Verify $\{$:$y_1)$ and KeyGen ${?}_2,$ Tag ${?}_2,$

Verify ${?}_2)$ are two message authentication code schemes.

KeyGen ${?}_3$ first runs KeyGen ${?}_1$ obtains $k_1,$ and then runs

KeyGen ${?}_2$ obtains $k_2,$ the output key is $(k_1,k_2).$

$Ta{g}_3[(k_1,k_2),(m_1,m_2)]$ first runs $Ta{g}_1(k_1,m_1)$ and obtains

${}_1$ and it runs $Ta{g}_2(k_2,m_{1}o+m_2)$ and obtains ${}_2,$ where the

message $m$ that $Ta{g}_3$ works on is a pair of messages $m_1,m_2.$

The final tag is ${}_3$:$={}_1||{}_2.$ The verification can be defined

accordingly.

Is ${}_3$ a secure MAC? Briefly explain why. $(10$ pts$)$