Home
Search

Participants

SEMINAR PROGRAM

PRENEEL Bart

Universal hash functions are not so universal

This paper discusses some forgery and key recovery attacks on several universal hash function based MAC algorithms. The attacks use a substantial number of verification queries and in a few cases require nonce reuse. Some of these attacks exploit weak keys, while others can make use of partial information on a secret key, for example, due to a side channel attack. These results show that while universal hash functions offer provable security, high speeds and parallelism, their simple combinatorial properties make them less robust than conventional message authentication primitives.

(joint work with Helena Handschuh)
umac_slidesv4.pdf

"PRENEEL Bart" is mentioned on: Home | Participants


(C) 2007 University of Luxembourg

Printable Version
VeryQuickWiki - HTML Export
Version: 2.7.1 (UniLux: 1.15.0 2006-01-19)
Modified: 2008-02-01 11:44:04
Exported: 2010-01-06 02:36:55