Collisions for the compression function of MD5
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Handbook of Applied Cryptography
Handbook of Applied Cryptography
MDx-MAC and Building Fast MACs from Hash Functions
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Differential Collisions in SHA-0
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Finding SHA-1 characteristics: general results and applications
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Differential and rectangle attacks on reduced-round SHACAL-1
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
The second-preimage attack on MD4
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
The impact of carries on the complexity of collision attacks on SHA-1
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Efficient collision search attacks on SHA-0
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Collisions of SHA-0 and reduced SHA-1
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
On the security of HMAC and NMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (extended abstract)
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Strengthening digital signatures via randomized hashing
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Exploiting coding theory for collision attacks on SHA-1
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
Second Preimage Attack on 3-Pass HAVAL and Partial Key-Recovery Attacks on HMAC/NMAC-3-Pass HAVAL
Fast Software Encryption
Preimages for Reduced SHA-0 and SHA-1
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Full Key-Recovery Attack on the HMAC/NMAC Based on 3 and 4-Pass HAVAL
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Cryptanalysis on HMAC/NMAC-MD5 and MD5-MAC
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Second Preimage Attack on 5-Pass HAVAL and Partial Key-Recovery Attack on HMAC/NMAC-5-Pass HAVAL
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
Distinguishing Attack on the Secret-Prefix MAC Based on the 39-Step SHA-256
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Practical Electromagnetic Template Attack on HMAC
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Full key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
New key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Security of NMAC and HMAC based on non-malleability
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Distinguishing attack on secret prefix MAC instantiated with reduced SHA-1
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Second-preimage analysis of reduced SHA-1
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Classification and generation of disturbance vectors for collision attacks against SHA-1
Designs, Codes and Cryptography
Collisions of MMO-MD5 and their impact on original MD5
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Distinguishing attacks on LPMAC based on the full RIPEMD and reduced-step RIPEMD-{256, 320}
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Practical analysis of reduced-round keccak
INDOCRYPT'11 Proceedings of the 12th international conference on Cryptology in India
Cryptanalyses on a merkle-damgård based MAC -- almost universal forgery and distinguishing-h attacks
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
| Hi-index | 0.01 |
MAC algorithms can provide cryptographically secure authentication services. One of the most popular algorithms in commercial applications is HMAC based on the hash functions MD5 or SHA-1. In the light of new collision search methods for members of the MD4 family including SHA-1, the security of HMAC based on these hash functions is reconsidered. We present a new method to recover both the inner- and the outer key used in HMAC when instantiated with a concrete hash function by observing text/MAC pairs. In addition to collisions, also other nonrandom properties of the hash function are used in this new attack. Among the examples of the proposed method, the first theoretical full key recovery attack on NMAC-MD5 is presented. Other examples are distinguishing, forgery and partial or full key recovery attacks on NMAC/HMAC-SHA-1 with a reduced number of steps (up to 61 out of 80). This information about the new, reduced security margin serves as an input to the selection of algorithms for authentication purposes.