The HMAC Construction: A Decade Later
Speaker: Ran Canetti , IBM, TJ Watson/MIT CSAIL
Date: December 9 2005
Time: 10:30AM to 12:00PM
Location: 32-G449 Patil/Kiva
Contact: Be Blackburn, 3-6098, firstname.lastname@example.org
Message authentication codes (MACs) provide a way for parties in a network
to authenticate each other's messages. As such, they are arguably the most
commonly used cryptographic constructs. HMAC is a MAC construction based
on cryptographic hash functions, that was designed for the IPSec protocol
in 1995. It is now incorporated in protocols such as IPSec, TLS, SSH and
SHTTP, standardized by NIST and ANSI, and shipped with any major operating
system and web browser.
HMAC combines simple design with sound cryptographic analysis that makes
relatively mild security assumptions on the underlying hash function. In
particular, this analysis shows that HMAC remains unaffected by the recent
advancements in finding collisions in hash functions.
This talk will review the design of HMAC with some historic perspective,
in an attempt to draw lessons on the impact of theoretical analysis on
practical security and acceptability. We will also survey other common
uses of HMAC today, such as for key derivation and randomness extraction
in VPN protocols. Finally, we will use these lessons to propose
requirements for a new cryptographic hash function, thus contributing to
the current specification effort led by NIST.
HMAC is joint work with Mihir Bellare and Hugo Krawczyk.
See other events that are part of Cryptography and Information Security Seminar Seminars 2005/2006
See other events happening in December 2005