We present a new secret-prefix MAC (Message Authentication Code) based on hash functions. Just like the well-known HMAC algorithm, the new MAC can utilize current hash functions without modifying their Merkle-Damgård implementations. Indeed, the new MAC is almost the same as HMAC except that the
to the secret key, which is made at the finalization stage, is
. In this way we not only increase efficiency over HMAC but also reduce the cost of managing the key, as the new MAC invokes a key only once at the initialization stage, and the rest of the process depends solely on incoming data. We give a rigorous security proof of the new MAC algorithm. Like HMAC, our new MAC is proven to be a secure PRF (Pseudo-Random Function) based on a reasonable assumption about the underlying compression function. In theory our assumption is neither stronger nor weaker than the PRF-type compression-function requirement for the PRF security of HMAC. In practice our assumption looks somewhat similar to the PRF-type requirement for the security of HMAC.
Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten