Re: Slow but secure has function for small data
- From: Krystian Matusiewicz <myname@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 20 Feb 2007 06:25:02 GMT
Ertugrul Soeylemez wrote:
Of course they don't contradict each other.So even though Bellare's proof shows that HMAC is secure assuming that
the hash function is a PRF it seems that this assumption is not true
for MD4 and MD5, so I would be cautious about Joseph's proposal (at
least in theory) if I needed a reduction to a really well studied
problem that is believed to be hard.
Well, proofs cannot contradict each other, so what's the conclusion?
The assumption that MD4 or MD5 behave like a PRF is not true.
Read the paper for details.
--
Krystian Matusiewicz
http://www.ics.mq.edu.au/~kmatus/
.
- References:
- Slow but secure has function for small data
- From: Ertugrul Soeylemez
- Re: Slow but secure has function for small data
- From: Joseph Ashwood
- Re: Slow but secure has function for small data
- From: Ertugrul Soeylemez
- Re: Slow but secure has function for small data
- From: Joseph Ashwood
- Re: Slow but secure has function for small data
- From: Ertugrul Soeylemez
- Re: Slow but secure has function for small data
- From: Joseph Ashwood
- Re: Slow but secure has function for small data
- From: Ertugrul Soeylemez
- Re: Slow but secure has function for small data
- From: Krystian Matusiewicz
- Re: Slow but secure has function for small data
- From: Ertugrul Soeylemez
- Slow but secure has function for small data
- Prev by Date: Re: Slow but secure has function for small data
- Next by Date: Re: Slow but secure has function for small data
- Previous by thread: Re: Slow but secure has function for small data
- Next by thread: Re: Slow but secure has function for small data
- Index(es):
Relevant Pages
|
