Paper 2006/319

Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions

Scott Contini and Yiqun Lisa Yin

Abstract

In this paper, we analyze the security of HMAC and NMAC, both of which are hash-based message authentication codes. We present distinguishing, forgery, and partial key recovery attacks on HMAC and NMAC using collisions of MD4, MD5, SHA-0, and reduced SHA-1. Our results demonstrate that the strength of a cryptographic scheme can be greatly weakened by the insecurity of the underlying hash function.

Metadata
Available format(s)
PDF PS
Category
Secret-key cryptography
Publication info
Published elsewhere. An extended version of a paper to appear in Asiacrypt'06
Keywords
hash functionscollisionsNMACHMACmessage authentication codes
Contact author(s)
scott_contini @ yahoo com
History
2006-09-21: received
Short URL
https://ia.cr/2006/319
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2006/319,
      author = {Scott Contini and Yiqun Lisa Yin},
      title = {Forgery and Partial Key-Recovery Attacks on {HMAC} and {NMAC} Using Hash Collisions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/319},
      year = {2006},
      url = {https://eprint.iacr.org/2006/319}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.