Cryptology ePrint Archive: Report 2010/216

Distinguishing Attacks on MAC/HMAC Based on A New Dedicated Compression Function Framework

Zheng Yuan and Xiaoqiu Ren

Abstract: A new distinguishing attack on HMAC and NMAC based on a dedicated compression function framework H, proposed in ChinaCrypt2008, is first presented in this paper, which distinguish the HMAC/NMAC-H from HMAC/NMAC with a random function. The attack needs 2^{17} chosen messages and 223 queries, with a success rate of 0.873. Furthermore, according to distinguishing attack on SPMAC-H, a key recovery attack on the SPMAC-H is present, which recover all 256-bit key with 2^{17)chosen messages, 2^{19} queries, and (t+1)x8 times decrypting algorithms.

Category / Keywords: distinguishing attacks, the block-collisions property, a dedicated compression function framework, HMAC, NMAC.

Date: received 18 Apr 2010, last revised 8 Apr 2012

Contact author: yuanzheng at besti edu cn ; zyuan@mail tsinghua edu cn

Available format(s): PDF | BibTeX Citation

Version: 20120408:132455 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]