what's wrong with HMAC?
Hal Finney
hal at finney.org
Mon May 1 23:38:35 EDT 2006
Travis H. writes:
> Ross Anderson once said cryptically,
> > HMAC has a long story attched to it - the triumph of the
> > theory community over common sense
>
> He wouldn't expand on that any more... does anyone have an idea of
> what he is referring to?
I might speculate, based on what you write here, that he believed that
the simpler, ad hoc constructions often used in the days preceding
HMAC were good enough in practice, and that the theoretical proofs of
security for HMAC were given too much weight. The original HMAC paper
is at http://www-cse.ucsd.edu/~mihir/papers/kmd5.pdf and the authors
show in section 6 various attacks on ad hoc constructions, but some of
them are admittedly impractical.
Hal Finney
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list