问题描述
基于SHA-1的HMAC的安全性是否受到对SHA-1的冲突攻击的影响?
Is the security of the HMAC based on SHA-1 affected by the collisions attacks on SHA-1?
推荐答案
HMAC的安全影响在的安全部分中有详细描述。简言之,在HMAC的安全受到威胁之前,确实需要进行非常强烈的攻击;现有的对SHA-1的冲突攻击当然不构成。 HMAC是专门用于使攻击困难的,普通的冲突攻击通常不足以满足:
The security implications of HMAC are described in detail in the security section of the RFC. In a nutshell, a very strong attack indeed is required before the security of the HMAC is threatened; the existing collision attacks on SHA-1 certainly don't constitute such. HMAC is specifically designed to make attacks difficult, and ordinary collision attacks won't generally suffice:
我建议您阅读整个章节。它更详细地说明了究竟什么攻击将足以打破HMAC,以及需要多少努力。
I recommend reading the whole section; it goes into more detail about exactly what attacks would suffice to break an HMAC, and just how much effort would be required.
这篇关于HMAC安全 - 基于SHA-1的HMAC的安全性是否受到对SHA-1的冲突攻击的影响?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!