Comparison of CBC MAC Variants and Comments on NIST’s Consultation Paper

نویسنده

  • Tetsu Iwata
چکیده

We consider two RMACs. One is RMAC defined in NIST’s draft [5], which we write RMAC1, with parameter set IV or V, where AES is used as the underlying block cipher, and uses a nonce R. The other one is RMAC mode 2 stated in NIST’s consultation paper [6], which we write RMAC2, where AES128 is used to compute the CBC MAC tag, AES256 is used to encrypt it, and uses a nonce R. We write RMAC to mean both RMAC1 and RMAC2 1 .

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Fast and Secure CBC-Type MAC Algorithms

The CBC-MAC or cipher block chaining message authentication code, is a well-known method to generate message authentication codes. Unfortunately, it is not forgery-secure over an arbitrary domain. There are several secure variants of CBC-MAC, among which OMAC is a widely-used candidate. To authenticate an s-block message, OMAC costs (s+1) block cipher encryptions (one of these is a zero block e...

متن کامل

Report on the Second Modes of Operation Workshop [August 2001]

Morris Dworkin, a mathematician from NIST’s Computer Security Division, served as the moderator of the workshop. He welcomed the attendees and introduced the other participants from NIST: Bill Burr, Elaine Barker, Aaron Nelson, and, at the registration table, Vickie Harris and Teresa Vicente. He reviewed the three current Federal Information Processing Standards (FIPS) that establish block ciph...

متن کامل

Report on the Second Modes of Operation Workshop (August 2001)

Morris Dworkin, a mathematician from NIST’s Computer Security Division, served as the moderator of the workshop. He welcomed the attendees and introduced the other participants from NIST: Bill Burr, Elaine Barker, Aaron Nelson, and, at the registration table, Vickie Harris and Teresa Vicente. He reviewed the three current Federal Information Processing Standards (FIPS) that establish block ciph...

متن کامل

CBC MAC for Real - Time Data

The Cipher Block Chaining (CBC) Message Authentication Code (MAC) is an authentication method which is widely used in practice. It is well known that the naive use of CBC MAC for variable length messages is not secure, and a few thumb rules for the correct use of CBC MAC are known by \folklore". The rst rigorous proof of the security of CBC MAC, when used on xed length messages, was given only ...

متن کامل

Comments to NIST concerning AES Modes of Operations: A Suggestion for Handling Arbitrary-Length Messages with the CBC MAC

The CBC MAC is the customary way to make a message authentication code (MAC) from a block cipher. It is the subject of several standards, including [1, 5, 6]. It is well-known and well-understood. Given all this, it seems likely that the CBC MAC will be standardized as an AES mode of operation. In this note we suggest a nice version of the CBC MAC that one might select for this purpose. We reca...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2003