The search functionality is under construction.
The search functionality is under construction.

Cryptanalysis of Two MD5-Based Authentication Protocols: APOP and NMAC

Lei WANG, Kazuo OHTA, Yu SASAKI, Kazuo SAKIYAMA, Noboru KUNIHIRO

  • Full Text Views

    0

  • Cite this

Summary :

Many hash-based authentication protocols have been proposed, and proven secure assuming that underlying hash functions are secure. On the other hand, if a hash function compromises, the security of authentication protocols based on this hash function becomes unclear. Therefore, it is significantly important to verify the security of hash-based protocols when a hash function is broken. In this paper, we will re-evaluate the security of two MD5-based authentication protocols based on a fact that MD5 cannot satisfy a required fundamental property named collision resistance. The target protocols are APOP (Authenticated Post Office Protocol) and NMAC (Nested Message Authentication Code), since they or their variants are widely used in real world. For security evaluation of APOP, we will propose a modified password recovery attack procedure, which is twice as fast as previous attacks. Moreover, our attack is more realistic, as the probability of being detected is lower than that of previous attacks. For security evaluation of MD5-based NMAC, we will propose a new key-recovery attack procedure, which has a complexity lower than that of previous attack. The complexity of our attack is 276, while that of previous attack is 2100.** Moreover, our attack has another interesting point. NMAC has two keys: the inner key and the outer key. Our attack can recover the outer key partially without the knowledge of the inner key.

Publication
IEICE TRANSACTIONS on Information Vol.E93-D No.5 pp.1087-1095
Publication Date
2010/05/01
Publicized
Online ISSN
1745-1361
DOI
10.1587/transinf.E93.D.1087
Type of Manuscript
Special Section PAPER (Special Section on Information and Communication System Security)
Category

Authors

Keyword