We propose a general equivalent inner key recovery attack to the NMAC (Nested Message Authentication Code) instantiated with secure hash function in a related key setting, by applying a generalized birthday attack with two groups. We can recover the equivalent inner key of NMAC in about 2 n/2+1 on-line MAC queries. The assumption of that the underlying hash function must be collision resistant is dropped in the security proof of NMAC. However, our result shows that NMAC, even instantiated with a collision resistant Merkle-Damgård hash function, is not secure as its designer claimed. © 2013 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Liu, F., Shen, C., & Xie, T. (2013). Equivalent inner key recovery attack to NMAC. In Advances in Intelligent Systems and Computing (Vol. 189 AISC, pp. 67–75). Springer Verlag. https://doi.org/10.1007/978-3-642-33018-6_7
Mendeley helps you to discover research relevant for your work.