International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions

Authors:
Scott Contini
Yiqun Lisa Yin
Download:
URL: http://eprint.iacr.org/2006/319
Search ePrint
Search Google
Abstract: In this paper, we analyze the security of HMAC and NMAC, both of which are hash-based message authentication codes. We present distinguishing, forgery, and partial key recovery attacks on HMAC and NMAC using collisions of MD4, MD5, SHA-0, and reduced SHA-1. Our results demonstrate that the strength of a cryptographic scheme can be greatly weakened by the insecurity of the underlying hash function.
BibTeX
@misc{eprint-2006-21810,
  title={Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions},
  booktitle={IACR Eprint archive},
  keywords={secret-key cryptography / hash functions, collisions, NMAC, HMAC, message authentication codes},
  url={http://eprint.iacr.org/2006/319},
  note={An extended version of a paper to appear in Asiacrypt'06 scott_contini@yahoo.com 13411 received 20 Sep 2006},
  author={Scott Contini and Yiqun Lisa Yin},
  year=2006
}