Improved Single-Key Distinguisher on HMAC-MD5 and Key Recovery Attacks on Sandwich-MAC-MD5
نویسندگان
چکیده
منابع مشابه
Equivalent Key Recovery Attack on H 2-MAC Instantiated with MD5
This paper presents the first equivalent key recovery attack on H2-MAC-MD5, which conduces to a selective forgery attack directly. H2-MAC is similar with HMAC except that the outer key is omitted. For HMAC-MD5, since the available differential paths are pseudocollisions, all the key recovery attacks are in the related-key setting, while our attack on H2MAC-MD5 gets rid of this restriction. Base...
متن کاملCryptanalysis on HMAC/NMAC-MD5 and MD5-MAC
In this paper, we present the first distinguishing attack on HMAC and NMAC based on MD5 without related keys, which distinguishes the HMAC/NMAC-MD5 from HMAC/NMAC with a random function. The attack needs 2 queries, with a success probability 0.87, while the previous distinguishing attack on HMAC-MD5 reduced to 33 rounds takes 2 messages with a success rate of 0.92. Furthermore, we give distingu...
متن کاملFull Key-Recovery Attacks on HMAC/NMAC-MD4 and NMAC-MD5
At Crypto ’06, Bellare presented new security proofs for HMAC and NMAC, under the assumption that the underlying compression function is a pseudo-random function family. Conversely, at Asiacrypt ’06, Contini and Yin used collision techniques to obtain forgery and partial key-recovery attacks on HMAC and NMAC instantiated with MD4, MD5, SHA-0 and reduced SHA-1. In this paper, we present the firs...
متن کاملNew Key-Recovery Attacks on HMAC/NMAC-MD4 and NMAC-MD5
At Crypto ’07, Fouque, Leurent and Nguyen presented full key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5, by extending the partial key-recovery attacks of Contini and Yin from Asiacrypt ’06. Such attacks are based on collision attacks on the underlying hash function, and the most expensive stage is the recovery of the socalled outer key. In this paper, we show that the outer key can be recov...
متن کاملNew Results on NMAC/HMAC when Instantiated with Popular Hash Functions
Message Authentication Code (MAC) algorithms can provide cryptographically secure authentication services. One of the most popular algorithms in commercial applications is HMAC based on the hash functions MD5 or SHA-1. In the light of new collision search methods for members of the MD4 family including SHA-1, the security of HMAC based on these hash functions is reconsidered. We present a new m...
متن کامل