Discussion forum for Cryptology ePrint Archive reports posted in 2012. 
2012/074 There is no flaw
Posted by: lindell
Date: 28 February 2012 05:42

There is no flaw whatsoever in the HMAC proof. The so-called flaw pointed out by Koblitz and Menezes is a standard proof in the non-uniform model (where adversaries are modeled as families of polynomial-size circuits, or equivalently as polynomial-time Turing machines with advice). This type of proof is known to anyone who has taken a basic theory of cryptography (or complexity) course, and the security guaranteed is based on the assumption that the underlying compression function is "secure" (as defined in the paper) for non-uniform adversaries.

It is a shame that some people do not have enough humility to first approach the authors and ask if there is or is not a mistake. I would also hope that other people in the community take this type of behavior as an example of what NOT to do. If you find a flaw in someone's proof (something that is not the case here), then send them a nice email. You will get a nice acknowledgement, you will be known as a gracious person, and you will have done something for science. This is much better than writing an entire paper about it and getting a line on your CV that isn't worth too much. You're better off spending your time doing new and productive research.

Edited 1 time(s). Last edit at 13-Mar-2012 13:18 by Orr.

