TY - GEN
T1 - Keying hash functions for message authentication
AU - Bellare, Mihir
AU - Canetti, Ran
AU - Krawczyk, Hugo
N1 - Publisher Copyright:
© Springer-Vertag Berlin Heidelberg 1996.
PY - 1996
Y1 - 1996
N2 - The use of cryptographic hash functions like MD5 or SHA-1 for message authentication has become a standard approach in many applications, particularly Internet security protocols. Though very easy to implement, these mechanisms are usually based on ad hoc techniques that lack a sound security analysis. We present new, simple, and practical constructions of message authentication schemes based on a cryptographic hash function. Our schemes, NMAC and HMAC, are proven to be secure as long as the underlying hash function has some reasonable cryptographic strengths. Moreover we show, in a quantitative way, that the schemes retain almost all the security of the underlying hash function. The performance of our schemes is essentially that of the underlying hash function. Moreover they use the hash function (or its compression function) as a black box, so that widely available library code or hardware can be used to implement them in a simple way, and replaceability of the underlying hash function is easily supported.
AB - The use of cryptographic hash functions like MD5 or SHA-1 for message authentication has become a standard approach in many applications, particularly Internet security protocols. Though very easy to implement, these mechanisms are usually based on ad hoc techniques that lack a sound security analysis. We present new, simple, and practical constructions of message authentication schemes based on a cryptographic hash function. Our schemes, NMAC and HMAC, are proven to be secure as long as the underlying hash function has some reasonable cryptographic strengths. Moreover we show, in a quantitative way, that the schemes retain almost all the security of the underlying hash function. The performance of our schemes is essentially that of the underlying hash function. Moreover they use the hash function (or its compression function) as a black box, so that widely available library code or hardware can be used to implement them in a simple way, and replaceability of the underlying hash function is easily supported.
UR - http://www.scopus.com/inward/record.url?scp=35048891868&partnerID=8YFLogxK
U2 - 10.1007/3-540-68697-5_1
DO - 10.1007/3-540-68697-5_1
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:35048891868
SN - 3540615121
SN - 3540615121
SN - 9783540615125
SN - 9783540615125
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 1
EP - 15
BT - Advances in Cryptology - CRYPT0 1996 - 16th Annual International Cryptology Conference, Proceedings
A2 - Koblitz, Neal
A2 - Koblitz, Neal
PB - Springer Verlag
T2 - 16th Annual International Cryptology Conference, CRYPT0 1996
Y2 - 18 August 1996 through 22 August 1996
ER -