Reading the Crypto Classics: Bellare, Canetti, and Krawczyk: „Keying Hash Functions for Message Authentication“

10.03.2021 10:00-11:00

Moderator: Jérôme Govinden (TU Darmstadt, CNS Group) | Location: Online

Organizer: Christian Janson, TU Darmstadt, Cryptoplexity Group


This talk is the last one in the seminar series „Reading the Crypto Classics“ for the very special winter term 2020/2021. The idea of this seminar is to jointly read classical milestone papers in the area of cryptography, to discuss their impact and understand their relevance for current research areas. The seminar is running as an Oberseminar, but at the same time meant to be a joint reading group seminar of the CROSSING Special Interest Group on Advanced Cryptography with all interested CROSSING members being invited to participate.

This issue will cover the paper

Bellare, Canetti, and Krawczyk: „Keying Hash Functions for Message Authentication“ (CRYPTO 1996); DOI: 10.1007/3-540-68697-5_1

with the following abstract:

„The use of cryptographic hash functions like MD5 or SHA-1 for message authentication has become a standard approach in many applications, particularly Internet security protocols. Though very easy to implement, these mechanisms are usually based on ad hoc techniques that lack a sound security analysis.

We present new, simple, and practical constructions of message authentication schemes based on a cryptographic hash function. Our schemes, NMAC and HMAC, are proven to be secure as long as the underlying hash function has some reasonable cryptographic strengths. Moreover we show, in a quantitative way, that the schemes retain almost all the security of the underlying hash function. The performance of our schemes is essentially that of the underlying hash function. Moreover they use the hash function (or its compression function) as a black box, so that widely available library code or hardware can be used to implement them in a simple way, and replaceability of the underlying hash function is easily supported.“

Further information about the virtual format

For participation the following Meeting Link is required:

  • Meeting-ID: 848 3831 0062
  • Kenncode: 517749

More information