On a Fallacious Bound for Authentication Codes