Paper 2015/075
Equivalent Key Recovery Attacks against HMAC and NMAC with Whirlpool Reduced to 7 Rounds
Jian Guo, Yu Sasaki, Lei Wang, Meiqin Wang, and Long Wen
Abstract
A main contribution of this paper is an improved analysis against HMAC instantiating with reduced Whirlpool. It recovers equivalent keys, which are often denoted as Kin and Kout, of HMAC with 7-round Whirlpool, while the previous best attack can work only for 6 rounds. Our approach is applying the meet-in-the-middle (MITM) attack on AES to recover MAC keys of Whirlpool. Several techniques are proposed to bypass different attack scenarios between a block cipher and a MAC, e.g., the chosen plaintext model of the MITM attacks on AES cannot be used for HMAC-Whirlpool. Besides, a larger state size and different key schedule designs of Whirlpool leave us a lot of room to study. As a result, equivalent keys of HMAC with 7-round Whirlpool are recovered with a complexity of (Data, Time, Memory) = (2^481.7, 2^482.3, 2^481).
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Published by the IACR in FSE 2014
- Keywords
- HMACNMACWhirlpooluniversal forgerykey recovery
- Contact author(s)
- ntu guo @ gmail com
- History
- 2015-02-10: received
- Short URL
- https://ia.cr/2015/075
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2015/075,
author = {Jian Guo and Yu Sasaki and Lei Wang and Meiqin Wang and Long Wen},
title = {Equivalent Key Recovery Attacks against HMAC and NMAC with Whirlpool Reduced to 7 Rounds},
howpublished = {Cryptology ePrint Archive, Paper 2015/075},
year = {2015},
note = {\url{https://eprint.iacr.org/2015/075}},
url = {https://eprint.iacr.org/2015/075}
}
