Cryptography Predicting Prime Numbers |
- Predicting Prime Numbers
- The Quest to Break America’s Most Mysterious Code—And Find $60 Million in Buried Treasure
- Using HMAC with fixed non-secret key, instead of using hash function directly, to avoid length extension attacks?
| Posted: 16 Jun 2018 11:28 AM PDT |
| The Quest to Break America’s Most Mysterious Code—And Find $60 Million in Buried Treasure Posted: 16 Jun 2018 10:35 PM PDT |
| Posted: 16 Jun 2018 06:29 PM PDT I'm aware that hash functions such as SHA1 and SHA2 are vulnerable to length extension attacks, and moreover, under some circumstances, the length extension attacks can be used to produce plausible forgeries. I'm also aware that, because of its construction, HMAC is not vulnerable to length extension attacks, even when the underlying hash function is. (Please correct me if any of this is inaccurate.) In the case where I would want a verifiable hash-like value, with length extension resistance, but don't want or don't have a shared secret to work with, would it work to use HMAC with SHA1 or SHA2 with a fixed non-secret key? Perhaps the all-zero key? Would this provide the same guarantees as using the underlying hash function directly, plus length extension resistance? Is this construction practical, or too complex for what it needs to do? (Note that I'm asking this more as a curiosity than anything else, and I don't intend to implement this construction anywhere.) Thanks in advance. [link] [comments]  |
| You are subscribed to email updates from Cryptography news and discussions. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment