How to turn an unkeyed hash into a keyed hash

by
John
from John D. Cook on (#6AFGY)

Secure hash functions often do not take a key per se, but they can be used with a key. Adding a key to a hash is useful, for example, to prevent a rainbow table attack.

There are a couple obvious ways to incorporate a key K when hashing a message M. One is to prepend the key to M before hashing. The other is to append K to M before hashing. That is, we either stick K onto the front or the end of M, then apply the hash function.

Both of these approaches could be vulnerable to attack under certain circumstances for reasons that are more complicated than I'd like to go into. Instead, a better approach is prepend and append the key. This is called the envelope method or more descriptively the sandwich method because the message is sandwiched between two copies of the key.

For details, see Ken Yasuda's paper Sandwich' Is Indeed Secure: How to Authenticate a Message with Just One Hashing", Australasian Conference on Information Security and Privacy, ACISP 2007: Information Security and Privacy pp 355-369.

Related postsThe post How to turn an unkeyed hash into a keyed hash first appeared on John D. Cook.
External Content
Source RSS or Atom Feed
Feed Location http://feeds.feedburner.com/TheEndeavour?format=xml
Feed Title John D. Cook
Feed Link https://www.johndcook.com/blog
Reply 0 comments