Optimization of PBKDF2 Using HMAC-SHA2 and HMAC-LSH Families in CPU Environment

Another look at HMAC

HMAC is the most widely-deployed cryptographic-hash-function-based message authentication code. First, we describe a security issue that arises because of inconsistencies in the standards and the published literature regarding keylength. We prove a separation result between two versions of HMAC, which we denote HMAC and HMAC, the former being the real-world version standardized by Bellare et al...

Internet - Draft Babel HMAC

This document describes a cryptographic authentication mechanism for Babel routing protocol, updating, but not superceding RFC 6126. The mechanism allocates two new TLV types for the authentication data, uses HMAC and is both optional and backward compatible.

A Closer Look at HMAC

Bellare, Canetti and Krawczyk [BCK96] show that cascading an ε-secure (fixed input length) PRF gives an O(εnq)-secure (variable input length) PRF when making at most q prefix-free queries of length n blocks. We observe that this translates to the same bound for NMAC (which is the cascade without the prefix-free requirement but an additional application of the PRF at the end), and give a matchin...

Generic Internal State Recovery on Strengthened HMAC: n-bit Secure HMAC Requires Key in All Blocks

Cryptanalysis of HMAC/NMAC-Whirlpool

In this paper, we present universal forgery and key recovery attacks on the most popular hash-based MAC constructions, e.g., HMAC and NMAC, instantiated with an AES-like hash function Whirlpool. These attacks work with Whirlpool reduced to 6 out of 10 rounds in single-key setting. To the best of our knowledge, this is the first result on “original” key recovery for HMAC (previous works only suc...