
Key Recovery Attacks on HMAC with Reduced-Round AES

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2018, 23(1), pp.57-66
  • DOI : 10.9708/jksci.2018.23.01.057
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science
  • Received : November 22, 2017
  • Accepted : January 2, 2018
  • Published : January 31, 2018

RYU GAYEON¹, Deukjo Hong¹

¹ Jeonbuk National University (전북대학교)

Accredited

ABSTRACT

It is known that single-key and related-key attacks on AES-128 are possible for at most 7 and 8 rounds, respectively. CMAC, a typical block-cipher-based MAC algorithm, very likely inherits the security of the underlying block cipher. Since attacks on the underlying block cipher can be applied directly to the first block of CMAC, the current security margin is not sufficient compared to what the designers of AES claimed. In this paper, we consider HMAC-DM-AES-128 as an alternative to CMAC-AES-128 and analyze its security for reduced rounds of AES-128. For 2-round AES-128, the key recovery attack on HMAC-DM-AES-128 requires a precomputation-phase time complexity of $2^{97}$ AES, an online-phase time complexity of $2^{98.68}$ AES, and a data complexity of $2^{98}$ blocks. Our work is meaningful in that it is the first security analysis of a MAC based on hash modes of AES.
