Paper 2015/149

Cryptanalysis of HMAC/NMAC-Whirlpool

Jian Guo, Yu Sasaki, Lei Wang, and Shuang Wu

Abstract

In this paper, we present universal forgery and key recovery attacks on the most popular hash-based MAC constructions, e.g., HMAC and NMAC, instantiated with an AES-like hash function Whirlpool. These attacks work with Whirlpool reduced to 6 out of 10 rounds in single-key setting. To the best of our knowledge, this is the first result on ``original'' key recovery for HMAC (previous works only succeeded in recovering the equivalent keys). Interestingly, the number of attacked rounds is comparable with that for collision and preimage attacks on Whirlpool hash function itself. Lastly, we present a distinguishing-H attack against the full HMAC- and NMAC-Whirlpool.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in ASIACRYPT 2013
Keywords
HMACNMACWhirlpoolkey recoveryuniversal forgery
Contact author(s)
ntu guo @ gmail com
History
2015-02-27: received
Short URL
https://ia.cr/2015/149
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/149,
      author = {Jian Guo and Yu Sasaki and Lei Wang and Shuang Wu},
      title = {Cryptanalysis of HMAC/NMAC-Whirlpool},
      howpublished = {Cryptology ePrint Archive, Paper 2015/149},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/149}},
      url = {https://eprint.iacr.org/2015/149}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.