A message authenticator algorithm suitable for a mainframe computer
Proceedings of CRYPTO 84 on Advances in cryptology
Security for computer networks: and introduction to data security in teleprocessing and electronic funds transfer (2nd ed.)
Message authentication with one-way hash functions
ACM SIGCOMM Computer Communication Review
Differential cryptanalysis of the data encryption standard
Differential cryptanalysis of the data encryption standard
The First Experimental Cryptanalysis of the Data Encryption Standard
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
MDx-MAC and Building Fast MACs from Hash Functions
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Bucket Hashing and its Application to Fast Message Authentication
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
New (Two-Track-)MAC Based on the Two Trails of RIPEMD
SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
Single-Path Authenticated-Encryption Scheme Based on Universal Hashing
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
UMAC: Fast and Secure Message Authentication
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
SQUARE HASH: Fast Message Authenication via Optimized Universal Hash Functions
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CBC MACs for Arbitrary-Length Messages: The Three-Key Constructions
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures
Cryptographic Primitives for Information Authentication - State of the Art
State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
Fast Hashing and Stream Encryption with PANAMA
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
Cellular automata based authentication (CAA)
ICCC '02 Proceedings of the 15th international conference on Computer communication
Designs, Codes and Cryptography
An analysis of compare-by-hash
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Practical key-recovery attack against APOP, an MD5-based challenge-response authentication
International Journal of Applied Cryptography
Password recovery attack on authentication protocol MD4(Password||Challenge)
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Slide Attacks on a Class of Hash Functions
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Bucket hashing with a small key size
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Software performance of universal hash functions
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
"Sandwich" is indeed secure: how to authenticate a message with just one hashing
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
An update on the side channel cryptanalysis of MACs based on cryptographic hash functions
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
On efficient message authentication via block cipher design techniques
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Password recovery on challenge and response: impossible differential attack on hash function
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Security of MD5 challenge and response: extension of APOP password recovery attack
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Crypto topics and applications I
Algorithms and theory of computation handbook
Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Message freedom in MD4 and MD5 collisions: application to APOP
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Trustworthy opportunistic access to the internet of services
ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
Fast password recovery attack: application to APOP
Journal of Intelligent Manufacturing
Hi-index | 0.00 |
The security of two message authentication code (MAC) algorithms is considered: the MD5-based envelope method (RFC 1828), and the banking standard MAA (ISO 8731-2). Customization of a general MAC forgery attack allows improvements in both cases. For the envelope method, the forgery attack is extended to allow key recovery; for example, a 128-bit key can be recovered using 267 known text-MAC pairs and time plus 213 chosen texts. For MAA, internal collisions are feud with fewer and shorter messages than previously by exploiting the algorithm's internal structure; consequently, the number of chosen texts (each 256 Kbyte long) for a forgery can be reduced by two orders of magnitude, e.g. from 224 to 217. This attack can be extended to one requiring only short messages (224 messages shorter than 1 Kbyte) to circumvent the special MAA mode for long messages. Moreover, certain internal collisions allow key recovery, and weak keys for MAA are identified.