Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions

  • Scott Contini
  • Yiqun Lisa Yin
Conference paper

DOI: 10.1007/11935230_3

Part of the Lecture Notes in Computer Science book series (LNCS, volume 4284)
Cite this paper as:
Contini S., Yin Y.L. (2006) Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions. In: Lai X., Chen K. (eds) Advances in Cryptology – ASIACRYPT 2006. ASIACRYPT 2006. Lecture Notes in Computer Science, vol 4284. Springer, Berlin, Heidelberg

Abstract

In this paper, we analyze the security of HMAC and NMAC, both of which are hash-based message authentication codes. We present distinguishing, forgery, and partial key recovery attacks on HMAC and NMAC using collisions of MD4, MD5, SHA-0, and reduced SHA-1. Our results demonstrate that the strength of a cryptographic scheme can be greatly weakened by the insecurity of the underlying hash function.

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Scott Contini
    • 1
  • Yiqun Lisa Yin
    • 2
  1. 1.Centre for Advanced Computing – ACACMacquarie UniversityAustralia
  2. 2.Independent ConsultantGreenwichUSA

Personalised recommendations