In this paper, we present a new distinguishing attack which works for secret prefix MAC based on 65-step (12-76) SHA-1. By birthday paradox, we first guarantee the existence of an internal collision at the output of the first iteration, then identify it by choosing the second message block smartly, and finally distinguish the specific MAC from a random function by making use of a near-collision differential path. The complexity of our new distinguisher is 280.9 queries with success probability 0.51. In comparison, we also present a distinguisher on secret prefix MAC instantiated with 63-step (8-70) SHA-1 according to Wang's method introduced at FSE 2009 [21], which needs about 2157 queries with success probability 0.70. © 2010 Springer-Verlag.
CITATION STYLE
Qiao, S., Wang, W., & Jia, K. (2010). Distinguishing attack on secret prefix MAC instantiated with reduced SHA-1. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5984 LNCS, pp. 349–361). https://doi.org/10.1007/978-3-642-14423-3_23
Mendeley helps you to discover research relevant for your work.