Key recovery attack on ANSI X9.19 retail MAC
نویسندگان
چکیده
منابع مشابه
A new key recovery attack on the ANSI retail MAC
A new type of attack is introduced which takes advantage of MAC truncation to simplify key recovery attacks based on MAC verifications. One example of the attack is described which, in certain circumstances, enables a more efficient attack than was previously known to be launched against the ANSI retail MAC. The existence of this attack means that truncation for this MAC scheme should be used w...
متن کاملEquivalent Key Recovery Attack to H-MAC
In this paper, we propose an efficient method to break H2-MAC, by using a generalized birthday attack to recover the equivalent key, under the assumption that the underlying hash function is secure (collision resistance). We can successfully recover the equivalent key of H2-MAC in about 2n/2 on-line MAC queries and 2n/2 off-line hash computations with great probability. This attack shows that t...
متن کاملKey Recovery Attack on QuiSci
QuiSci is incredible fast, faster than most other ciphers. On modern CPUs it needs only arround 1 clock cycle per byte, so it is 10 times fast than most other well-known algorithm. On the website of QuiSci [1] it is claimed that this algorithm is secure. With this paper I like to show a key recovery attack on QuiSci, exploiting the weak key setup. When you are able to guess the beginning of the...
متن کاملEquivalent Key Recovery Attack on H 2-MAC Instantiated with MD5
This paper presents the first equivalent key recovery attack on H2-MAC-MD5, which conduces to a selective forgery attack directly. H2-MAC is similar with HMAC except that the outer key is omitted. For HMAC-MD5, since the available differential paths are pseudocollisions, all the key recovery attacks are in the related-key setting, while our attack on H2MAC-MD5 gets rid of this restriction. Base...
متن کاملPractical Key-Recovery Attack on MANTIS5
MANTIS is a lightweight tweakable block cipher recently published at CRYPTO 2016. In addition to the full 14-round version, MANTIS7, the designers also propose an aggressive 10-round version, MANTIS5. The security claim for MANTIS5 is resistance against “practical attacks”, defined as related-tweak attacks with data complexity 2 less than 2 chosen plaintexts (or 2 known plaintexts), and computa...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Electronics Letters
سال: 1996
ISSN: 0013-5194
DOI: 10.1049/el:19961045