标题：Equivalent Key Recovery Attacks Against HMAC and NMAC with Whirlpool Reduced to 7 Rounds
作者：Guo, Jian; Sasaki, Yu; Wang, Lei; Wang, Meiqin; Wen, Long
作者机构：[Guo, Jian; Wang, Lei] Nanyang Technol Univ, Singapore 639798, Singapore.; [Sasaki, Yu] NTT Secure Platform Labs, Tokyo, Japan.; [Wang, Meiqin; We 更多
会议名称：21st International Workshop on Fast Software Encryption (FSE)
会议日期：MAR 03-05, 2014
来源：FAST SOFTWARE ENCRYPTION, FSE 2014
关键词：HMAC; NMAC; Whirlpool; Universal forgery; Key recovery
摘要：A main contribution of this paper is an improved analysis against HMAC instantiating with reduced Whirlpool. It recovers equivalent keys, which are often denoted as K-in and K-out, of HMAC with 7-round Whirlpool, while the previous best attack can work only for 6 rounds. Our approach is applying the meet-in-the-middle (MITM) attack on AES to recover MAC keys of Whirlpool. Several techniques are proposed to bypass different attack scenarios between a block cipher and a MAC, e.g., the chosen plaintext model of the MITM attacks on AES cannot be used for HMAC-Whirlpool. Besides, a larger state size and different key schedule designs of Whirlpool leave us a lot of room to study. As a result, equivalent keys of HMAC with 7-round Whirlpool are recovered with a complexity of (Data, Time, Memory) = (2(481.7), 2(482.3), 2(481)).