New HMAC Message Patches: Secret Patch and CrOw Patch

  • Donghoon Chang
  • Somitra Kumar Sanadhya
  • Nishant Sharma
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9478)


At Asiacrypt 2012, Peyrin et al. showed generic attacks against the HMAC design. They utilized a pair of related keys where only the relation between the keys is known to the attacker but not the keys themselves (the secret key model). On similar lines, at Crypto 2012, Dodis et al. showed differentiability attacks based on ambiguous and colliding keys on HMAC in known/chosen key model. Peyrin et al. also proposed a patching scheme for HMAC and claimed that the proposed patch thwarts their attacks.

In this work, we first show that the patch proposed by Peyrin et al. will not prevent their attacks for the HMAC construction for certain “good” cryptographic hash functions. Specifically, we show that no public and reversible patch will prevent their attack on HMAC instantiated with a weakly collision resistant hash function. Following this, we propose two different patches, called the secret patch and the collision resistant one way (CrOw) patch, to thwart the attacks of Peyrin et al. and Dodis et al. Our work is theoretical in nature, and does not threaten the security of HMAC used with standard hash functions. Further, both our patches are designed to be used as wrappers and do not affect the underlying HMAC construction. This property is similar to Peyrin et al.’s patch.


HMAC Patch Related key attack Colliding keys Ambiguous keys Indifferentiability 

Supplementary material


  1. 1.
    Request For Comments: 3174, US Secure Hash Algorithm 1 (SHA1). IETF Working group (2001)Google Scholar
  2. 2.
    Andreeva, E., Preneel, B.: A three-property-secure hash function. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 228–244. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  3. 3.
    Bellare, M.: New proofs for \(\sf {NMAC}\) and \(\sf {HMAC}\): security without collision-resistance. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 602–619. Springer, Heidelberg (2006) CrossRefGoogle Scholar
  4. 4.
    Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996) Google Scholar
  5. 5.
    Coron, J.-S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damgård revisited: how to construct a hash function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 430–448. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  6. 6.
    Dodis, Y., Ristenpart, T., Steinberger, J., Tessaro, S.: To hash or not to hash again? (In)differentiability results for H \(^\text{2 }\) and HMAC. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 348–366. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  7. 7.
    Guo, J., Peyrin, T., Sasaki, Y., Wang, L.: Updates on generic attacks against \(\mathtt {HMAC}\) and \(\mathtt {NMAC}\). In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 131–148. Springer, Heidelberg (2014)Google Scholar
  8. 8.
    Leurent, G., Peyrin, T., Wang, L.: New generic attacks against hash-based MACs. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 1–20. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  9. 9.
    Canetti, R., Bellare, M., Krawczyk, H.: Request For Comments: 2104, HMAC: Keyed-Hashing for Message Authentication. IETF Working group (1997)Google Scholar
  10. 10.
    Maurer, U.M., Renner, R.S., Holenstein, C.: Indifferentiability, impossibility results on reductions, and applications to the random oracle methodology. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 21–39. Springer, Heidelberg (2004) CrossRefGoogle Scholar
  11. 11.
    Peyrin, T., Sasaki, Y., Wang, L.: Generic related-key attacks for HMAC. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 580–597. Springer, Heidelberg (2012) CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Donghoon Chang
    • 1
  • Somitra Kumar Sanadhya
    • 1
  • Nishant Sharma
    • 2
  1. 1.IIIT-DelhiNew DelhiIndia
  2. 2.Airtight NetworksPuneIndia

Personalised recommendations