2009 | OriginalPaper | Buchkapitel
HMAC without the “Second” Key
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
We present a new secret-prefix MAC (Message Authentication Code) based on hash functions. Just like the well-known HMAC algorithm, the new MAC can utilize current hash functions without modifying their Merkle-Damgård implementations. Indeed, the new MAC is almost the same as HMAC except that the
second call
to the secret key, which is made at the finalization stage, is
omitted
. In this way we not only increase efficiency over HMAC but also reduce the cost of managing the key, as the new MAC invokes a key only once at the initialization stage, and the rest of the process depends solely on incoming data. We give a rigorous security proof of the new MAC algorithm. Like HMAC, our new MAC is proven to be a secure PRF (Pseudo-Random Function) based on a reasonable assumption about the underlying compression function. In theory our assumption is neither stronger nor weaker than the PRF-type compression-function requirement for the PRF security of HMAC. In practice our assumption looks somewhat similar to the PRF-type requirement for the security of HMAC.