This paper presents a new distinguisher which can be applied to secret-prefix MACs with the message length prepended to the message before hashing. The new distinguisher makes use of a special truncated differential path with high probability to distinguish an inner near-collision in the first round. Once the inner near-collision is detected, we can recognize an instantiated MAC from a MAC with a random function. The complexity for distinguishing the MAC with 43-step reduced SHA-1 is 2124.5 queries. For the MAC with 61-step SHA-1, the complexity is 2154.5 queries. The success probability is 0.70 for both. © 2009 Springer Berlin Heidelberg.
CITATION STYLE
Wang, X., Wang, W., Jia, K., & Wang, M. (2009). New distinguishing attack on MAC using secret-prefix method. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5665 LNCS, pp. 363–374). https://doi.org/10.1007/978-3-642-03317-9_22
Mendeley helps you to discover research relevant for your work.