| 注册
首页|期刊导航|空军工程大学学报(自然科学版)|基于缩减到53(20-72)步的SHA-1的H2-MAC的等价密钥恢复攻击

基于缩减到53(20-72)步的SHA-1的H2-MAC的等价密钥恢复攻击

张丽 王沛

空军工程大学学报(自然科学版)2013,Vol.14Issue(4):84-87,4.
空军工程大学学报(自然科学版)2013,Vol.14Issue(4):84-87,4.DOI:10.3969/j.issn.1009-3516.2013.04.020

基于缩减到53(20-72)步的SHA-1的H2-MAC的等价密钥恢复攻击

Equivalent Key Recovery Attack on H2-MAC Instantiated with SHA-1 Reduced to 53 (20-72) Steps

张丽 1王沛2

作者信息

  • 1. 山东大学计算机科学与技术学院,山东济南,250101
  • 2. 国防科技大学信息系统与管理学院,湖南长沙,410073
  • 折叠

摘要

Abstract

H2-MAC,which was proposed by Kan Yasuda in Information Security Conference (ISC) 2009,is a new type of MAC construction.Compared with HMAC,H2-MAC is much easier for algorithm implementation and key management,for it gets access to the key only once.This paper first presents an equivalent key recovery attack H2-MAC-SHA-1 reduced to 53 (20-72) steps,which conduces to a universal forgery attack directly.Firstly,an H2-MAC-SHA-1 distinguisher is constructed.Then,the intermediate chaining variable,i.e.,the equivalent key is recovered by using the distinguisher and bit flipping technology.Consequently,the universal forgery attack is processed.The adversary unknowing the secret key can process the universal forgery attack by computing the valid MAC value of M,which can be an arbitrary message.The complexity of the attack is about 299 queries,which is much lower than the ideal complexity of the universal forgery.

关键词

密码分析/H2-MAC-SHA-1/等价密钥恢复攻击/一般性伪造攻击

Key words

crypt analysis/H2-MAC-SHA-1/equivalent key recovery attack/universal forgery

分类

信息技术与安全科学

引用本文复制引用

张丽,王沛..基于缩减到53(20-72)步的SHA-1的H2-MAC的等价密钥恢复攻击[J].空军工程大学学报(自然科学版),2013,14(4):84-87,4.

基金项目

高等学校博士学科点专项科研基金资助项目(20100131120015) (20100131120015)

空军工程大学学报(自然科学版)

OA北大核心CSCDCSTPCD

2097-1915

访问量0
|
下载量0
段落导航相关论文