You are looking at a specific version 20130414:153904 of this paper.
See the latest version.
Paper 2013/212
A Closer Look at HMAC
Krzysztof Pietrzak
Abstract
Bellare, Canetti and Krawczyk~\cite{FOCS:BelCanKra96} show that cascading an $\eps$-secure (fixed input length) PRF gives an $O(\eps n q)$-secure (variable input length) PRF when making at most $q$ prefix-free queries of length $n$ blocks. We observe that this translates to the same bound for NMAC (which is the cascade without the prefix-free requirement but an additional application of the PRF at the end), and give a matching attack, showing this bound is tight. This contradicts the $O(\eps n)$ bound claimed by Koblitz and Menezes~\cite{KobMen12}.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. unpublished manuscript
- Keywords
- HMACcascade
- Contact author(s)
- krzpie @ gmail com
- History
- 2013-04-14: received
- Short URL
- https://ia.cr/2013/212
- License
-
CC BY