Paper 2014/403

Generic Universal Forgery Attack on Iterative Hash-based MACs

Thomas Peyrin and Lei Wang

Abstract

In this article, we study the security of iterative hash-based MACs, such as HMAC or NMAC, with regard to universal forgery attacks. Leveraging recent advances in the analysis of functional graphs built from the iteration of HMAC or NMAC, we exhibit the very first generic universal forgery attack against hash-based MACs. In particular, our work implies that the universal forgery resistance of an n-bit output HMAC construction is not 2^n queries as long believed by the community. The techniques we introduce extend the previous functional graphs-based attacks that only took into account the cycle structure or the collision probability: we show that one can extract much more meaningful secret information by also analyzing the distance of a node from the cycle of its component in the functional graph.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in EUROCRYPT 2014
Keywords
HMAC, NMAC, hash function, universal forgery
Contact author(s)
thomas peyrin @ gmail com
History
2014-06-05: revised
2014-06-02: received
Short URL
https://ia.cr/2014/403
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/403,
      author = {Thomas Peyrin and Lei Wang},
      title = {Generic Universal Forgery Attack on Iterative Hash-based MACs},
      howpublished = {Cryptology ePrint Archive, Paper 2014/403},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/403}},
      url = {https://eprint.iacr.org/2014/403}
}