caa a22 4500 606148876 CHVBK 20210128100531.0 cr unu---uuuuu 210128e20151001xx s 000 0 eng 10.1007/s00145-014-9185-x doi (NATIONALLICENCE)springer-10.1007/s00145-014-9185-x Bellare Mihir Department of Computer Science & Engineering 0404, University of California San Diego, 9500 Gilman Drive, 92093-0404, La Jolla, CA, USA aut New Proofs for NMAC and HMAC: Security without Collision Resistance [Elektronische Daten] [Mihir Bellare] HMAC was proved in Bellare et al. (Advances in Cryptology-CRYPTO'96, Springer, Berlin, Heidelberg, 1996) to be a PRF assuming that (1) the underlying compression function is a PRF, and (2) the iterated hash function is weakly collision resistant. However, subsequent attacks showed that assumption (2) is false for MD5 and SHA-1, removing the proof-based support for HMAC in these cases. This paper proves that HMAC is a PRF under the sole assumption that the compression function is a PRF. This recovers a proof-based guarantee since no known attacks compromise the pseudorandomness of the compression function, and it also helps explain the resistance to attack that HMAC has shown even when implemented with hash functions whose (weak) collision resistance is compromised. We also show that an even weaker than PRF condition on the compression function, namely that it is a privacy-preserving MAC, suffices to establish HMAC is a secure MAC as long as the hash function meets the very weak requirement of being computationally almost universal, where again the value lies in the fact that known attacks do not invalidate the assumptions made. International Association for Cryptologic Research, 2014 Message authentication nationallicence Hash functions nationallicence Pseudorandom functions nationallicence Carter-Wegman nationallicence Journal of Cryptology Springer US; http://www.springer-ny.com 28/4(2015-10-01), 844-878 0933-2790 28:4<844 2015 28 145 https://doi.org/10.1007/s00145-014-9185-x text/html Onlinezugriff via DOI BK010053 XK010053 XK010000 Metadata rights reserved Springer special CC-BY-NC licence nationallicence 1 research-article jats NATIONALLICENCE NATIONALLICENCE NL-springer NATIONALLICENCE 856 40 https://doi.org/10.1007/s00145-014-9185-x text/html Onlinezugriff via DOI NATIONALLICENCE 100 1- Bellare Mihir Department of Computer Science & Engineering 0404, University of California San Diego, 9500 Gilman Drive, 92093-0404, La Jolla, CA, USA aut NATIONALLICENCE 773 0- Journal of Cryptology Springer US; http://www.springer-ny.com 28/4(2015-10-01), 844-878 0933-2790 28:4<844 2015 28 145