MDx-MAC and Building Fast MACs from Hash Functions
- 1 January 1995
- book chapter
- conference paper
- Published by Springer Science and Business Media LLC in Lecture Notes in Computer Science
Abstract
We consider the security of message authentication code (MAC) algorithms, and the construction of MACs from fast hash functions. A new forgery attack applicable to all iterated MAC algorithms is described, the first known such attack requiring fewer operations than exhaustive key search. Existing methods for constructing MACs from hash functions, including the secret prefix, secret suffix, and envelope methods, are shown to be unsatisfactory. Motivated by the absence of a secure, fast MAC algorithm not based on encryption, a new generic construction (MDx-MAC) is proposed for transforming any secure hash function of the MD4-family into a secure MAC of equal or smaller bitlength and comparable speed.Keywords
This publication has 16 references indexed in Scilit:
- The Security of Cipher Block ChainingPublished by Springer Science and Business Media LLC ,2001
- LFSR-based Hashing and AuthenticationPublished by Springer Science and Business Media LLC ,2001
- A Design Principle for Hash FunctionsPublished by Springer Science and Business Media LLC ,2001
- A Message Authenticator Algorithm Suitable for a Mainframe ComputerPublished by Springer Science and Business Media LLC ,2000
- Collisions for the compression function of MD5Lecture Notes in Computer Science, 1994
- Message authentication with one-way hash functionsACM SIGCOMM Computer Communication Review, 1992
- Computer losses in 1988 - A reviewComputer Law & Security Review, 1989
- Solutions to the multidestination secure electronic mail problemComputers & Security, 1988
- A cryptographic checksum for integrity protectionComputers & Security, 1987
- New hash functions and their use in authentication and set equalityJournal of Computer and System Sciences, 1981