期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2013
卷号:7
期号:2
出版社:SERSC
摘要:H2-MAC was proposed by Yasuda to increase efficiency over hash-based message authen- tication code (HMAC) by omitting its outer key, and keep the advantages and security of HMAC at the same time. We propose an efficient method to break H2-MAC, by using a generalized birthday attack to recover the equivalent key, under the assumption that the underlying hash function is secure (collision resistance). We can successfully recover the equivalent key of H2-MAC instantiated with any Merkle-Damgård hash function in about 2n/2on-line message authentication code (MAC) queries and 2n/2off-line MAC compu- tations with good probability. We argue that the pseudo random function-affix (PRF-AX) assumption of the origin security proof of H2-MAC, and we prove that the security of H2- MAC is dependent on the collision resistance of the underlying hash function, instead of the PRF assumption.
关键词:H2-MAC; Equivalent Key Recovery; Pseudo Random Function; Collision;Resistance; Birthday Paradox.
