Message Authentication Code (MAC) algorithms can provide cryptographically secure authentication services. One of the most popular algorithms in commercial applications is HMAC based on the hash functions MD5 or SHA-1. In the light of new collision search methods for members of the MD4 family including SHA-1, the security of HMAC based on these hash functions is reconsidered. We present a new m...

HMAC and its variant NMAC are the most popular approaches to deriving a MAC (and more generally, a PRF) from a cryptographic hash function. Despite nearly two decades of research, their exact security still remains far from understood in many different contexts. Indeed, recent works have re-surfaced interest for generic attacks, i.e., attacks that treat the compression function of the underlyin...

This research focuses on developing a set of secure communication network testbeds and using them to measure the overhead of IP Security (IPSec) for email and web applications. The network testbeds are implemented using both wireline and wireless technologies. The testing involves a combination of authentication algorithms such as Hashed Message Authentication Code-Message Digest 5 (HMAC-MD5) a...

IPSec provides two types of security algorithms, symmetric encryption algorithms (e.g. Data Encryption Standard DES) for encryption, and one-way hash functions (e.g., Message Digest MD5 and Secured Hash Algorithm SHAl) for authentication. This paper presents performance analysis and comparisons between these algorithms in terms of time complexity and space complexity. Parameters considered are ...

Status of This Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Abstract RFC 4492 describes elliptic curve cipher suites for Transport Layer Security (TLS). However, all those cipher suites use HMAC-SHA-1 as their Message Authentication Code (MAC) algorithm. This document describes sixte...

In this article, we focus on second preimages for iterated hash functions. More precisely, we introduce the notion of a b-block bypass which is closely related to the notion of second preimage but specifies additional properties. We will then give two examples of iterated hash functions to which this notion applies: a double-block length hash function and a single-block length hash function. Fu...