Design Principles
The design of the HMAC specification was motivated by the existence of attacks on more trivial mechanisms for combining a key with a hash function. For example, one might assume the same security that HMAC provides could be achieved with MAC = H(key ∥ message). However, this method suffers from a serious flaw: with most hash functions, it is easy to append data to the message without knowing the key and obtain another valid MAC ("length-extension attack"). The alternative, appending the key using MAC = H(message ∥ key), suffers from the problem that an attacker who can find a collision in the (unkeyed) hash function has a collision in the MAC (as two messages m1 and m2 yielding the same hash will provide the same start condition to the hash function before the appended key is hashed, hence the final hash will be the same). Using MAC = H(key ∥ message ∥ key) is better, however various security papers have suggested vulnerabilities with this approach, even when two different keys are used.
No known extensions attacks have been found against the current HMAC specification which is defined as H(key1 ∥ H(key2 ∥ message)) because the outer application of the hash function masks the intermediate result of the internal hash. The values of ipad and opad are not critical to the security of the algorithm, but were defined in such a way to have a large Hamming distance from each other and so the inner and outer keys will have fewer bits in common. The security reduction of HMAC does require them to be different in at least one bit though.
Read more about this topic: Hash-based Message Authentication Code
Famous quotes containing the words design and/or principles:
“For I choose that my remembrances of him should be pleasing, affecting, religious. I will love him as a glorified friend, after the free way of friendship, and not pay him a stiff sign of respect, as men do to those whom they fear. A passage read from his discourses, a moving provocation to works like his, any act or meeting which tends to awaken a pure thought, a flow of love, an original design of virtue, I call a worthy, a true commemoration.”
—Ralph Waldo Emerson (1803–1882)
“The mode of founding a college is, commonly, to get up a subscription of dollars and cents, and then, following blindly the principles of a division of labor to its extreme,—a principle which should never be followed but with circumspection,—to call in a contractor who makes this a subject of speculation,... and for these oversights successive generations have to pay.”
—Henry David Thoreau (1817–1862)