Full Key-Recovery Attacks on HMAC/NMAC-MD4 and NMAC-MD5

Pierre-Alain Fouque 1, 2, 3, Gaëtan Leurent 3, Phong Q. Nguyen 2
2 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique de l'École normale supérieure, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract: At Crypto '06, Bellare presented new security proofs for HMAC and NMAC, under the assumption that the underlying compression function is a pseudo-random function family. Conversely, at Asiacrypt '06, Contini and Yin used collision techniques to obtain forgery and partial key-recovery attacks on HMAC and NMAC instantiated with MD4, MD5, SHA-0 and reduced SHA-1. In this paper, we present the first full key-recovery attacks on NMAC and HMAC instantiated with a real-life hash function, namely MD4. Our main result is an attack on HMAC/NMAC-MD4 which recovers the full MAC secret key after roughly $2^{88}$ MAC queries and $2^{95}$ MD4 computations. We also extend the partial key-recovery Contini-Yin attack on NMAC-MD5 (in the related-key setting) to a full key-recovery attack. The attacks are based on generalizations of collision attacks to recover a secret IV, using new differential paths for MD4.
Document type: Conference paper
Alfred Menezes. Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, 2007, Santa Barbara, California, United States. Springer, 4622, pp.13-30, 2007, Lecture Notes in Computer Science. 〈10.1007/978-3-540-74143-5_2〉

Cited literature [21 references]

https://hal.inria.fr/inria-00556690
Contributor: Pierre-Alain Fouque
Submitted on: Monday, January 17, 2011 - 15:38:27
Last modified on: Friday, September 28, 2018 - 04:28:03
Document(s) archived on: Monday, April 18, 2011 - 03:02:34

File

crypto07b.pdf
Files produced by the author(s)

Citation

Pierre-Alain Fouque, Gaëtan Leurent, Phong Q. Nguyen. Full Key-Recovery Attacks on HMAC/NMAC-MD4 and NMAC-MD5. Alfred Menezes. Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, 2007, Santa Barbara, California, United States. Springer, 4622, pp.13-30, 2007, Lecture Notes in Computer Science. 〈10.1007/978-3-540-74143-5_2〉. 〈inria-00556690〉

Metrics

Record views

281

File downloads

214