问题描述

基于SHA-1的HMAC的安全性是否受到对SHA-1的冲突攻击的影响？

Is the security of the HMAC based on SHA-1 affected by the collisions attacks on SHA-1?

推荐答案

HMAC的安全影响在的安全部分中有详细描述。简言之，在HMAC的安全受到威胁之前，确实需要进行非常强烈的攻击;现有的对SHA-1的冲突攻击当然不构成。 HMAC是专门用于使攻击困难的，普通的冲突攻击通常不足以满足：

The security implications of HMAC are described in detail in the security section of the RFC. In a nutshell, a very strong attack indeed is required before the security of the HMAC is threatened; the existing collision attacks on SHA-1 certainly don't constitute such. HMAC is specifically designed to make attacks difficult, and ordinary collision attacks won't generally suffice:

我建议您阅读整个章节。它更详细地说明了究竟什么攻击将足以打破HMAC，以及需要多少努力。

I recommend reading the whole section; it goes into more detail about exactly what attacks would suffice to break an HMAC, and just how much effort would be required.

这篇关于HMAC安全 - 基于SHA-1的HMAC的安全性是否受到对SHA-1的冲突攻击的影响？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！