Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions

Scott Contini; Yiqun Lisa Yin

doi:10.1007/11935230_3

Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions

Scott Contini, Yiqun Lisa Yin

School of Computing

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

73 Citations (Scopus)

Abstract

In this paper, we analyze the security of HMAC and NMAC, both of which are hash-based message authentication codes. We present distinguishing, forgery, and partial key recovery attacks on HMAC and NMAC using collisions of MD4, MD5, SHA-0, and reduced SHA-1. Our results demonstrate that the strength of a cryptographic scheme can be greatly weakened by the insecurity of the underlying hash function.

Original language	English
Title of host publication	Advances in cryptology - ASIACRYPT 2006
Subtitle of host publication	12th international conference on the theory and application of cryptology and information security Shanghai, China, December 3-7, 2006 : proceedings
Editors	Xuejia Lai, Kefei Chen
Place of Publication	Berlin
Publisher	Springer, Springer Nature
Pages	37-53
Number of pages	17
ISBN (Print)	3540494758
DOIs	https://doi.org/10.1007/11935230_3
Publication status	Published - 2006
Event	International Conference on the Theory and Application of Cryptology and Information Security (12th : 2006) - Shanghai Duration: 3 Dec 2006 → 7 Dec 2006

Publication series

Name	Lecture notes in computer science
Publisher	Springer
Volume	4284
ISSN (Print)	0302-9743

Conference

Conference	International Conference on the Theory and Application of Cryptology and Information Security (12th : 2006)
City	Shanghai
Period	3/12/06 → 7/12/06

Access to Document

10.1007/11935230_3

http://www.informatik.uni-trier.de/~ley/db/conf/asiacrypt/asiacrypt2006.html

Cite this

Contini, S., & Yin, Y. L. (2006). Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions. In X. Lai, & K. Chen (Eds.), Advances in cryptology - ASIACRYPT 2006: 12th international conference on the theory and application of cryptology and information security Shanghai, China, December 3-7, 2006 : proceedings (pp. 37-53). (Lecture notes in computer science; Vol. 4284). Springer, Springer Nature. https://doi.org/10.1007/11935230_3

Contini, Scott ; Yin, Yiqun Lisa. / Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions. Advances in cryptology - ASIACRYPT 2006: 12th international conference on the theory and application of cryptology and information security Shanghai, China, December 3-7, 2006 : proceedings. editor / Xuejia Lai ; Kefei Chen. Berlin : Springer, Springer Nature, 2006. pp. 37-53 (Lecture notes in computer science).

@inproceedings{cba658af3b0e48019d3cedd2d06edfe7,

title = "Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions",

abstract = "In this paper, we analyze the security of HMAC and NMAC, both of which are hash-based message authentication codes. We present distinguishing, forgery, and partial key recovery attacks on HMAC and NMAC using collisions of MD4, MD5, SHA-0, and reduced SHA-1. Our results demonstrate that the strength of a cryptographic scheme can be greatly weakened by the insecurity of the underlying hash function.",

author = "Scott Contini and Yin, {Yiqun Lisa}",

year = "2006",

doi = "10.1007/11935230_3",

language = "English",

isbn = "3540494758",

series = "Lecture notes in computer science",

publisher = "Springer, Springer Nature",

pages = "37--53",

editor = "Xuejia Lai and Kefei Chen",

booktitle = "Advances in cryptology - ASIACRYPT 2006",

address = "United States",

note = "International Conference on the Theory and Application of Cryptology and Information Security (12th : 2006) ; Conference date: 03-12-2006 Through 07-12-2006",

}

Contini, S & Yin, YL 2006, Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions. in X Lai & K Chen (eds), Advances in cryptology - ASIACRYPT 2006: 12th international conference on the theory and application of cryptology and information security Shanghai, China, December 3-7, 2006 : proceedings. Lecture notes in computer science, vol. 4284, Springer, Springer Nature, Berlin, pp. 37-53, International Conference on the Theory and Application of Cryptology and Information Security (12th : 2006), Shanghai, 3/12/06. https://doi.org/10.1007/11935230_3

Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions. / Contini, Scott; Yin, Yiqun Lisa.
Advances in cryptology - ASIACRYPT 2006: 12th international conference on the theory and application of cryptology and information security Shanghai, China, December 3-7, 2006 : proceedings. ed. / Xuejia Lai; Kefei Chen. Berlin: Springer, Springer Nature, 2006. p. 37-53 (Lecture notes in computer science; Vol. 4284).

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

TY - GEN

T1 - Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions

AU - Contini, Scott

AU - Yin, Yiqun Lisa

PY - 2006

Y1 - 2006

N2 - In this paper, we analyze the security of HMAC and NMAC, both of which are hash-based message authentication codes. We present distinguishing, forgery, and partial key recovery attacks on HMAC and NMAC using collisions of MD4, MD5, SHA-0, and reduced SHA-1. Our results demonstrate that the strength of a cryptographic scheme can be greatly weakened by the insecurity of the underlying hash function.

AB - In this paper, we analyze the security of HMAC and NMAC, both of which are hash-based message authentication codes. We present distinguishing, forgery, and partial key recovery attacks on HMAC and NMAC using collisions of MD4, MD5, SHA-0, and reduced SHA-1. Our results demonstrate that the strength of a cryptographic scheme can be greatly weakened by the insecurity of the underlying hash function.

U2 - 10.1007/11935230_3

DO - 10.1007/11935230_3

M3 - Conference proceeding contribution

SN - 3540494758

T3 - Lecture notes in computer science

SP - 37

EP - 53

BT - Advances in cryptology - ASIACRYPT 2006

A2 - Lai, Xuejia

A2 - Chen, Kefei

PB - Springer, Springer Nature

CY - Berlin

T2 - International Conference on the Theory and Application of Cryptology and Information Security (12th : 2006)

Y2 - 3 December 2006 through 7 December 2006

ER -

Contini S, Yin YL. Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions. In Lai X, Chen K, editors, Advances in cryptology - ASIACRYPT 2006: 12th international conference on the theory and application of cryptology and information security Shanghai, China, December 3-7, 2006 : proceedings. Berlin: Springer, Springer Nature. 2006. p. 37-53. (Lecture notes in computer science). doi: 10.1007/11935230_3

Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this