[45763] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

interesting HMAC attack results

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Sat Sep 23 08:51:54 2006

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: cryptography@metzdowd.com
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 22 Sep 2006 09:42:03 -0400


  http://eprint.iacr.org/2006/319

Cryptology ePrint Archive: Report 2006/319

Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions

Scott Contini and Yiqun Lisa Yin

  Abstract. In this paper, we analyze the security of HMAC and NMAC,
  both of which are hash-based message authentication codes. We present
  distinguishing, forgery, and partial key recovery attacks on HMAC and
  NMAC using collisions of MD4, MD5, SHA-0, and reduced SHA-1. Our
  results demonstrate that the strength of a cryptographic scheme can be
  greatly weakened by the insecurity of the underlying hash function.

[I Heard about this paper from ekr's blog.]
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post