Cryptology ePrint Archive: Report 2006/319

Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions

Scott Contini and Yiqun Lisa Yin

Abstract: In this paper, we analyze the security of HMAC and NMAC, both of which are hash-based message authentication codes. We present distinguishing, forgery, and partial key recovery attacks on HMAC and NMAC using collisions of MD4, MD5, SHA-0, and reduced SHA-1. Our results demonstrate that the strength of a cryptographic scheme can be greatly weakened by the insecurity of the underlying hash function.

Category / Keywords: secret-key cryptography / hash functions, collisions, NMAC, HMAC, message authentication codes

Publication Info: An extended version of a paper to appear in Asiacrypt'06

Date: received 20 Sep 2006

Contact author: scott_contini at yahoo com

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20060921:095950 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]