Another look at HMAC

被引:10
|
作者
Koblitz, Neal [1 ]
Menezes, Alfred [2 ]
机构
[1] Univ Washington, Dept Math, Box 354350, Seattle, WA 98195 USA
[2] Univ Waterloo, Dept Combinator & Optimizat, Waterloo, ON N2L 3G1, Canada
来源
JOURNAL OF MATHEMATICAL CRYPTOLOGY | 2013年 / 7卷 / 03期
关键词
Message authentication code; NMAC; HMAC; provable security;
D O I
10.1515/jmc-2013-5004
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
HMAC is the most widely-deployed cryptographic-hash-function-based message authentication code. First, we describe a security issue that arises because of inconsistencies in the standards and the published literature regarding keylength. We prove a separation result between two versions of HMAC, which we denote HMAC(std) and HMAC(Bel), the former being the real-world version standardized by Bellare et al. in 1997 and the latter being the version described in Bellare's proof of security in his Crypto 2006 paper. Second, we describe how HMAC(NIST) (the FIPS version standardized by NIST), while provably secure (in the single-user setting), succumbs to a practical attack in the multi-user setting. Third, we describe a fundamental defect from a practice-oriented standpoint in Bellare's 2006 security result for HMAC, and show that because of this defect his proof gives a security guarantee that is of little value in practice. We give a new proof of NMAC security that gives a stronger result for NMAC and HMAC and we discuss why even this stronger result by itself fails to give convincing assurance of HMAC security.
引用
收藏
页码:225 / 251
页数:27
相关论文
共 50 条
  • [1] ANOTHER LOOK AT CANADIAN FOLKLORE, ANOTHER LOOK AT THESE PAPERS
    GREENHILL, P
    [J]. JOURNAL OF CANADIAN STUDIES-REVUE D ETUDES CANADIENNES, 1994, 29 (01): : 135 - 138
  • [2] ANOTHER LOOK
    DAVIES, M
    SPENCER, S
    [J]. BIO-TECHNOLOGY, 1993, 11 (08): : 860 - 860
  • [3] 'Another Look'
    Horne, L
    [J]. QUEENS QUARTERLY, 1997, 104 (01) : 179 - 179
  • [4] Another look at πιστιζ χριστου
    Hooker, Morna D.
    [J]. SCOTTISH JOURNAL OF THEOLOGY, 2016, 69 (01) : 46 - 62
  • [5] Another Look
    Carson, Leslie
    [J]. NEW YORK TIMES BOOK REVIEW, 2014, 119 (17): : 6 - 6
  • [6] ANOTHER LOOK
    LEVISTRAUSS, C
    [J]. HOMME, 1993, 33 (2-4): : 7 - 10
  • [7] Another look at latex
    Hayman, G
    Bansal, A
    Varney, V
    [J]. LANCET, 2000, 355 (9214): : 1555 - 1555
  • [8] Another look back
    Jenkins, T
    [J]. AMERICAN JOURNAL OF HUMAN GENETICS, 2000, 67 (02) : 527 - 527
  • [9] 'TARTUFFE' - ANOTHER LOOK
    PEACOCK, N
    [J]. SEVENTEENTH-CENTURY FRENCH STUDIES, 1992, (14): : 177 - 189
  • [10] ANOTHER LOOK AT MURDER
    PHILLIPS, A
    [J]. JOURNAL OF JEWISH STUDIES, 1977, 28 (02): : 105 - 126
12345