On the security of HMAC and NMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1

Jongsung Kim, Alex Biryukov, Bart Preneel, Seokhie Hong

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution

42 Citations (Scopus)

Abstract

HMAC is a widely used message authentication code and a pseudorandom function generator based on cryptographic hash functions such as MD5 and SHA-1. It has been standardized by ANSI, IETF, ISO and NIST. HMAC is proved to be secure as long as the compression function of the underlying hash function is a pseudorandom function. In this paper we devise two new distinguishers of the structure of HMAC, called differential and rectangle distinguishers, and use them to discuss the security of HMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1. We show how to distinguish HMAC with reduced or full versions of these cryptographic hash functions from a random function or from HMAC with a random function. We also show how to use our differential distinguisher to devise a forgery attack on HMAC. Our distinguishing and forgery attacks can also be mounted on NMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1.

Original language: English
Title of host publication: Security and Cryptography for Networks - 5th International Conference, SCN 2006, Proceedings
Publisher: Springer Verlag
Pages: 242-256
Number of pages: 15
ISBN (Print): 3540380809, 9783540380801
DOIs: https://doi.org/10.1007/11832072_17
Publication status: Published - 2006
Event: 5th International Conference on Security and Cryptography for Networks, SCN 2006 - Maiori, Italy
Duration: 2006 Sep 6 to 2006 Sep 8

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 4116 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 5th International Conference on Security and Cryptography for Networks, SCN 2006
Country: Italy
City: Maiori
Period: 06/9/6 to 06/9/8

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)

  • Cite this

    Kim, J., Biryukov, A., Preneel, B., & Hong, S. (2006). On the security of HMAC and NMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1. In Security and Cryptography for Networks - 5th International Conference, SCN 2006, Proceedings (pp. 242-256). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4116 LNCS). Springer Verlag. https://doi.org/10.1007/11832072_17