http://eprint.iacr.org/2006/319
Cryptology ePrint Archive: Report 2006/319 Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions Scott Contini and Yiqun Lisa Yin Abstract. In this paper, we analyze the security of HMAC and NMAC, both of which are hash-based message authentication codes. We present distinguishing, forgery, and partial key recovery attacks on HMAC and NMAC using collisions of MD4, MD5, SHA-0, and reduced SHA-1. Our results demonstrate that the strength of a cryptographic scheme can be greatly weakened by the insecurity of the underlying hash function. [I Heard about this paper from ekr's blog.] --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
