HMAC (Turkish Wikipedia)

Analysis of information sources in references of the Wikipedia article "HMAC" in Turkish language version.

refsWebsite

Global rank Turkish rank

10web.archive.org

1^st place

3psu.edu

207^th place

424^th place

3ietf.org

214^th place

1,248^th place

2iacr.org

5,032^nd place

low place

1noekeon.org

low place

1schneier.com

8,888^th place

low place

1ucsd.edu

1,933^rd place

2,448^th place

iacr.org

eprint.iacr.org

Jongsung, Kim; Biryukov, Alex; Preneel, Bart; Hong, Seokhie (2006). "On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1" (PDF). 12 Mayıs 2013 tarihinde kaynağından (PDF) arşivlendi. Erişim tarihi: 20 Nisan 2017.

iacr.org

Wang, Xiaoyun; Yu, Hongbo; Wang, Wei; Zhang, Haina; Zhan, Tao (2009). "Cryptanalysis on HMAC/NMAC-MD5 and MD5-MAC" (PDF). 30 Nisan 2015 tarihinde kaynağından arşivlendi (PDF). Erişim tarihi: 15 Haziran 2015.

ietf.org

datatracker.ietf.org

RFC 2104, section 2, "Definition of HMAC", page 3.

ietf.org

IETF (Şubat 1997). "RFC 2104". 29 Kasım 2016 tarihinde kaynağından arşivlendi. Erişim tarihi: 3 Aralık 2009. The strongest attack known against HMAC is based on the frequency of collisions for the hash function H ("birthday attack") [PV,BCK2], and is totally impractical for minimally reasonable hash functions.

tools.ietf.org

"RFC 6151 – Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms". Internet Engineering Task Force. Mart 2011. 15 Haziran 2017 tarihinde kaynağından arşivlendi. Erişim tarihi: 15 Haziran 2015.

noekeon.org

keccak.noekeon.org

Keccak team. "Strengths of Keccak - Design and security". 6 Haziran 2017 tarihinde kaynağından arşivlendi. Erişim tarihi: 30 Ocak 2013. Unlike SHA-1 and SHA-2, Keccak does not have the length-extension weakness, hence does not need the HMAC nested construction. Instead, MAC computation can be performed by simply prepending the message with the key.

psu.edu

citeseerx.ist.psu.edu

Bellare, Mihir; Canetti, Ran; Krawczyk, Hugo (1996). "Keying Hash Functions for Message Authentication". 4 Mart 2016 tarihinde kaynağından arşivlendi. Erişim tarihi: 20 Nisan 2017.
Preneel, Bart; van Oorschot, Paul C. (1995). "MDx-MAC and Building Fast MACs from Hash Functions". 4 Haziran 2010 tarihinde kaynağından arşivlendi. Erişim tarihi: 28 Ağustos 2009.
Preneel, Bart; van Oorschot, Paul C. (1995). "On the Security of Two MAC Algorithms". 23 Şubat 2009 tarihinde kaynağından arşivlendi. Erişim tarihi: 28 Ağustos 2009.

schneier.com

Bruce Schneier (Ağustos 2005). "SHA-1 Broken". 26 Haziran 2017 tarihinde kaynağından arşivlendi. Erişim tarihi: 9 Ocak 2009. although it doesn't affect applications such as HMAC where collisions aren't important

ucsd.edu

cseweb.ucsd.edu

Bellare, Mihir (Haziran 2006). "New Proofs for NMAC and HMAC: Security without Collision-Resistance". Dwork, Cynthia (Ed.). Advances in Cryptology – Crypto 2006 Proceedings. Lecture Notes in Computer Science 4117. Springer-Verlag. 16 Temmuz 2011 tarihinde kaynağından arşivlendi. Erişim tarihi: 25 Mayıs 2010. This paper proves that HMAC is a PRF under the sole assumption that the compression function is a PRF. This recovers a proof based guarantee since no known attacks compromise the pseudorandomness of the compression function, and it also helps explain the resistance-to-attack that HMAC has shown even when implemented with hash functions whose (weak) collision resistance is compromised.

web.archive.org

Bellare, Mihir; Canetti, Ran; Krawczyk, Hugo (1996). "Keying Hash Functions for Message Authentication". 4 Mart 2016 tarihinde kaynağından arşivlendi. Erişim tarihi: 20 Nisan 2017.
Preneel, Bart; van Oorschot, Paul C. (1995). "MDx-MAC and Building Fast MACs from Hash Functions". 4 Haziran 2010 tarihinde kaynağından arşivlendi. Erişim tarihi: 28 Ağustos 2009.
Preneel, Bart; van Oorschot, Paul C. (1995). "On the Security of Two MAC Algorithms". 23 Şubat 2009 tarihinde kaynağından arşivlendi. Erişim tarihi: 28 Ağustos 2009.
Keccak team. "Strengths of Keccak - Design and security". 6 Haziran 2017 tarihinde kaynağından arşivlendi. Erişim tarihi: 30 Ocak 2013. Unlike SHA-1 and SHA-2, Keccak does not have the length-extension weakness, hence does not need the HMAC nested construction. Instead, MAC computation can be performed by simply prepending the message with the key.
Bruce Schneier (Ağustos 2005). "SHA-1 Broken". 26 Haziran 2017 tarihinde kaynağından arşivlendi. Erişim tarihi: 9 Ocak 2009. although it doesn't affect applications such as HMAC where collisions aren't important
IETF (Şubat 1997). "RFC 2104". 29 Kasım 2016 tarihinde kaynağından arşivlendi. Erişim tarihi: 3 Aralık 2009. The strongest attack known against HMAC is based on the frequency of collisions for the hash function H ("birthday attack") [PV,BCK2], and is totally impractical for minimally reasonable hash functions.
Bellare, Mihir (Haziran 2006). "New Proofs for NMAC and HMAC: Security without Collision-Resistance". Dwork, Cynthia (Ed.). Advances in Cryptology – Crypto 2006 Proceedings. Lecture Notes in Computer Science 4117. Springer-Verlag. 16 Temmuz 2011 tarihinde kaynağından arşivlendi. Erişim tarihi: 25 Mayıs 2010. This paper proves that HMAC is a PRF under the sole assumption that the compression function is a PRF. This recovers a proof based guarantee since no known attacks compromise the pseudorandomness of the compression function, and it also helps explain the resistance-to-attack that HMAC has shown even when implemented with hash functions whose (weak) collision resistance is compromised.
Jongsung, Kim; Biryukov, Alex; Preneel, Bart; Hong, Seokhie (2006). "On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1" (PDF). 12 Mayıs 2013 tarihinde kaynağından (PDF) arşivlendi. Erişim tarihi: 20 Nisan 2017.
Wang, Xiaoyun; Yu, Hongbo; Wang, Wei; Zhang, Haina; Zhan, Tao (2009). "Cryptanalysis on HMAC/NMAC-MD5 and MD5-MAC" (PDF). 30 Nisan 2015 tarihinde kaynağından arşivlendi (PDF). Erişim tarihi: 15 Haziran 2015.
"RFC 6151 – Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms". Internet Engineering Task Force. Mart 2011. 15 Haziran 2017 tarihinde kaynağından arşivlendi. Erişim tarihi: 15 Haziran 2015.