You are looking at a specific version 20130414:153904 of this paper. See the latest version.

Paper 2013/212

A Closer Look at HMAC

Krzysztof Pietrzak

Abstract

Bellare, Canetti and Krawczyk~\cite{FOCS:BelCanKra96} show that cascading an $\eps$-secure (fixed input length) PRF gives an $O(\eps n q)$-secure (variable input length) PRF when making at most $q$ prefix-free queries of length $n$ blocks. We observe that this translates to the same bound for NMAC (which is the cascade without the prefix-free requirement but an additional application of the PRF at the end), and give a matching attack, showing this bound is tight. This contradicts the $O(\eps n)$ bound claimed by Koblitz and Menezes~\cite{KobMen12}.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. unpublished manuscript
Keywords
HMACcascade
Contact author(s)
krzpie @ gmail com
History
2013-04-14: received
Short URL
https://ia.cr/2013/212
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.