Abstract
Okeya has established that HMAC/NMAC implementations based on only Matyas-Meyer-Oseas (MMO) PGV scheme and his two refined PGV schemes are secure against side channel DPA attacks when the block cipher in these constructions is secure against these attacks. The significant result of Okeya’s analysis is that the implementations of HMAC/NMAC with the Davies-Meyer (DM) compression function based hash functions such as SHA-1 are vulnerable to DPA attacks. In this paper, first we show a partial key recovery attack on NMAC/HMAC based on Okeya’s two refined PGV schemes by taking practical constraints into consideration. Next, we propose new hybrid NMAC/HMAC schemes for security against side channel attacks assuming that their underlying block cipher is ideal. We show a hybrid NMAC/HMAC proposal which can be instantiated with DM and a slight variant to it allowing NMAC/HMAC to use hash functions such as SHA-1. We then show that M-NMAC, MDx-MAC and a variant of the envelope MAC scheme based on DM with an ideal block cipher are secure against DPA attacks.
This work is supported by The Danish Research Council for Technology and Production Sciences grant no. 274-05-0151 and partly supported by National Institute of Information and Communications Technology (NICT), Japan.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996), available at: http://www-cse.ucsd.edu/users/mihir/papers/hmac.html
Black, J., Rogaway, P., Shrimpton, T.: Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 320–335. Springer, Heidelberg (2002)
Damgård, I.: A Design Principle for Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)
Gauravaram, P.: Cryptographic Hash Functions: Cryptanalysis, Design and Applications. PhD thesis, Information Security Institute, Queensland University of Technogy (June 2007)
Gauravaram, P., Hirose, S., Annadurai, S.: An Update on the Analysis and Design of NMAC and HMAC functions. International Journal of Network Security (IJNS) 7(1), 50–61 (July 2008), Online version of the paper is available at http://ijns.nchu.edu.tw/contents/ijns-v7-n1/ijns-v7-n1.html Last access date: 6th of August 2007
Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Lai, X., Massey, J.L.: Hash Functions Based on Block Ciphers. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 55–70. Springer, Heidelberg (1993)
Merkle, R.: One way Hash Functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 428–446. Springer, Heidelberg (1990)
Messerges, T.S.: Using Second-Order Power Analysis to Attack DPA Resistant Software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000)
Mironov, I.: Hash functions: Theory, attacks, and applications. Technical Report MSR-TR-2005-187, Microsoft Research (November 2005), This technical report is available at the link http://research.microsoft.com/users/mironov/ Last access date: 8th of November 2006
Okeya, K.: Side Channel Attacks Against HMACs Based on Block-Cipher Based Hash Functions. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 432–443. Springer, Heidelberg (2006)
Preneel, B., Govaerts, R., Vandewalle, J.: Hash Functions Based on Block Ciphers: A Synthetic Approach. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 368–378. Springer, Heidelberg (1994)
Preneel, B., van Oorschot, P.C.: MDx-MAC and Building Fast MACs from Hash Functions. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 1–14. Springer, Heidelberg (1995)
Preneel, B., van Oorschot, P.C.: On the Security of Two MAC Algorithms. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 19–32. Springer, Heidelberg (1996)
Preneel, B., van Oorschot, P.C.: On the Security of Iterated Message Authentication Codes. IEEE Transactions on Information Theory 45(1), 188–199 (1999)
Standaert, F.-X., Malkin, T.G., Yung, M.: A formal practice-oriented model for the analysis of side-channel attacks. Cryptology ePrint Archive, Report 2006/139, 2006, this paper is available at http://eprint.iacr.org/2006/139 Last access date: 21st of January 2007
Tsudik, G.: Message Authentication with One-Way Hash Functions. In: IEEE Infocom 1992, pp. 2055–2059. IEEE Computer Society Press, Los Alamitos (1992)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gauravaram, P., Okeya, K. (2007). An Update on the Side Channel Cryptanalysis of MACs Based on Cryptographic Hash Functions. In: Srinathan, K., Rangan, C.P., Yung, M. (eds) Progress in Cryptology – INDOCRYPT 2007. INDOCRYPT 2007. Lecture Notes in Computer Science, vol 4859. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77026-8_31
Download citation
DOI: https://doi.org/10.1007/978-3-540-77026-8_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77025-1
Online ISBN: 978-3-540-77026-8
eBook Packages: Computer ScienceComputer Science (R0)