New results on NMAC/HMAC when instantiated with popular hash functions

Journal of Universal Computer Science

Volumn 14, Issue 3, 2008, Pages 347-376

  Rechberger, Christian ^a   Rijmen, Vincent ^a  

^a GRAZ UNIVERSITY OF TECHNOLOGY   (Austria)

Author keywords

Authentication; Cryptography; Security

Indexed keywords

EID: 44349165814     PISSN: 0958695X     EISSN: 09486968     Source Type: Journal    
DOI: None     Document Type: Article

References (29)

1. Bellare, M., Canetti, R., Krawczyk, H.: Keying Hash Functions for Message Authentication. In Koblitz, N., editor, Advances in Cryptology - CRYPTO '96, 16th Annual International Cryptology Conference, Santa Barbara, California, USA, 1996, Proceedings, volume 1109 of LNCS, pages 1-15. Springer, 1996.
2. Bellare, M.: New Proofs for NMAC/HMAC. In Dwork, C., editor, Advances in Cryptology - CRYPTO 2006, 26th Annual International Cryptology Conference, Santa Barbara, California, USA, August 20-24, 2006, Proceedings, volume 4117 of LNCS, pages 602-619. Springer, 2006.
3. Biham, E., Chen, R., Joux, A., Carribault, P., Lemuet, C., Jalby W.: Collisions of SHA-O and Reduced SHA-1. In Cramer, R., editor, Advances in Cryptology - EUROCRYPT 2005: 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005. Proceedings, volume 3494 of LNCS, pages 36-57. Springer, 2005.
4. Biham, E., Shamir, A.,: Differential Cryptanalysis of DES-like Cryptosystems. Journal of Cryptology, 4(1):3-72, 1991.
5. Chabaud, F,: Joux, A.: Differential Collisions in SHA-0. In Krawczyk, H., editor, Advances in Cryptology - CRYPTO '98, 18th Annual International Cryptology Conference, Santa Barbara, California, USA, August 23-27, 1998, Proceedings, volume 1462 of LNCS, pages 56-71. Springer, 1998.
6. Contini, S., Yin, Y.L.: Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions. In Lai X., Chen, K., editors, Advances in Cryptology - ASIACRYPT 2006, 12th International Conference on the Theory and Application of Cryptology and Information Security, Shanghai, China, December 8-7, 2006, Proceedings, volume 4284 of LNCS, pages 37-53. Springer, 2006.
7. Damgård, I.: A Design Principle for Hash Functions. In Brassard, G., editor, Advances in Cryptology - CRYPTO '89, 9th Annual International Cryptology Conference, Santa Barbara, California, USA, August 20-24, 1989, Proceedings, volume 435 of LNCS, pages 416-427. Springer, 1989.
8. den Boer, B., Bosselaers, A.: Collisions for the Compressin Function of MD5. In Helleseth, T., editor, Advances in Cryptology - EUROCRYPT '93, Workshop on the Theory and Application of of Cryptographic Techniques, Lofthus, Norway, May 23-27, 1993, Proceedings, volume 765 of LNCS, pages 293-304, 1993.
9. De Cannière, C., Mendel, F., Rechberger, C.: Collisons for 70-step SHA-1: On the Full Cost of Collision Search. In Adams, C.M., Miri, A., Wiener, M.J., editors, Selected Areas in Cryptography, 14th International Workshop, SAC 2007, Ottawa, Canada, August 16-17, 2007, Revised Selected Papers, volume 4876 of LNCS, pages 56-73. Springer, 2007.
10. De Cannière, C., Rechberger, C.: Finding SHA-1 Characteristics: General Results and Applications. In Lai X., Chen, K., editors, Advances in Cryptology - ASIACRYPT 2006, 12th International Conference on the Theory and Application of Cryptology and Information Security, Shanghai, China, December 3-7, 2006, Proceedings, volume 4284 of LNCS, pages 1-20. Springer, 2006.
11. Fouque, P., Leurent, G., Nguyen, P.Q.: Full Key-Recovery Attacks on HMAC/NMAC-MD4 and NMAC-MD5. In Menezes, A., editor, Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2007, Proceedings, volume 4622 of LNCS, pages 13-30. Springer, 2007.
12. Halevi, S., Krawczyk, H.: Strengthening Digital Signatures via Randomized Hashing. In Dwork, C., editor, Advances in Cryptology - CRYPTO 2006: 26th Annual International Cryptology Conference, Santa Barbara, California, USA, August 2006, Proceedings, volume 4117 of LNCS, pages 41-59. Springer, 2006.
13. Kim, J., Biryukov, A., Preneel, B., Hong, S.: On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-O and SHA-1 (Extended Abstract). In De Prisco, R., Yung, M., editors, SCN, volume 4116 of Lecture Notes in Computer Science, pages 242-256. Springer, 2006.
14. Lu, J., Kim, J., Keller, N., Dunkelman, O.: Differential and Rectangle Attacks on Reduced-Round SHACAL-1. In Barua, R., Lange, T., editors, Progress in Cryptology - INDOCRYPT 2006, 7th International Conference on Cryptology in India, Kolkata, India, December 11-13, 2006, Proceedings, volume 4329 of LNCS, pages 17-31. Springer, 2006.
15. Mendel, F., Pramstaller, N., Rechberger, C., Rijmen, V.: The Impact of Carries on the Complexity of Collision Attacks on SHA-1. In Robshaw, M., editor, Fast Software Encryption, 13th International Workshop, FSE 2006, Graz, Austria, March 15-17, 2006, Pre-Proceedings, 2006.
16. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, 1997. Available online at http://www.cacr.math. uwaterloo.ca/hac/.
17. Merkle, R.C.: One Way Hash Functions and DES. In Brassard, G., editor, Advances in Cryptology - CRYPTO '89, 9th Annual International Cryptology Conference, Santa Barbara, California, USA, August 20-24, 1989, Proceedings, volume 435 of Lecture Notes in Computer Science, pages 428-446. Springer, 1989.
18. National Institute of Standards and Technology (NIST). FIPS-180-2: Secure Hash Standard, August 2002. Available online at http://www.itl.nist.gov/ fipspubs/.
19. National Institute of Standards and Technology. NIST's Policy on Hash Functions, 2006. Available online at http://www.csrc.nist.gov/pki/HashWorkshop/ NIST%20Statement/NIST_Policy_ on_HashFunctions.htm.
20. Pramstaller, N., Rechberger, C., Rijmen, V.: Exploiting Coding Theory for Collision Attacks on SHA-1. In Smart, N.P., editor, Cryptography and Coding, 10th IMA International Conference, Cirencester, UK, December 19-21, 2005, Proceedings, volume 3796 of LNCS, pages 78-95. Springer, 2005.
21. Preneel, B., van Oorschot, P.C.: MDx-MAC and Building Fast MACs from Hash Functions. In Coppersmith, D., editor, Advances in Cryptology - CRYPTO '95, 15th Annual International Cryptology Conference, Santa Barbara, California, USA, August 27-31, 1995, Proceedings, volume 963 of LNCS, pages 1-14. Springer, 1995.
22. M'Raihi, D., Bellare, M., Hoornaert, F., Naccache, D., Ranen, O.: HOTP: An HMAC-based One Time Password Algorithm. Informational RFC 4226, December 2005.
23. Rechberger, C.: Rijmen, V.: On Authentication with HMAC and Non-Random Properties. In Dietrich, S., Dhamija, R., editors, Proceedings of Financial Cryptography 2007 and Usable Security 2007, Trinidad and Tobago, February 12-15, 2007, volume 4886 of LNCS, pages 119-133. Springer, 2007.
24. Wang, X.: What's the Potential Danger Behind the collisions of Hash Functions, 2005. ECRYPT Conference on Hash Functions, Krakow, available via http://www.ecrypt.eu.org/stvl/hfw/.
25. Wang, X., Lai, X., Feng, D., Chen, H., Yu, X.: Cryptanalysis of the Hash Functions MD4 and RIPEMD. In Cramer, R., editor, Advances in Cryptology - EUROCRYPT 2005: 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005. Proceedings, volume 3494 of LNCS, pages 1-18. Springer, 2005.
26. Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the Full SHA1. In Shoup, V., editor, Advances in Cryptology - CRYPTO 2005, 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August I418, 2005, Proceedings, volume 3621 of LNCS, pages 17-36. Springer, 2005.
27. Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In Cramer, R., editor, Advances in Cryptology - EUROCRYPT 2005: 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005. Proceedings, volume 3494 of LNCS, pages 19-35. Springer, 2005.
28. Wang, X., Yu, H., Yin, Y.L.: Efficient Collision Search Attacks on SHA-O. In Shoup, V., editor, Advances in Cryptology - CRYPTO 2005, 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings, volume 3621 of LNCS, pages 1-16. Springer, 2005.
29. Yu, H., Wang, G., Zhang, G., Wang, X.: The Second-Preimage Attack on MD4. In Desmedt, Y., Wang, H., Mu, Y., and Li, Y, editors, Cryptology and Network Security, 4th International Conference, CANS 2005, Xiamen, China, December 14-16, 2005. Proceedings, volume 3810 of LNCS, pages 1-12. Springer, 2005.