CBC-MAC
E663889
CBC-MAC (Cipher Block Chaining Message Authentication Code) is a cryptographic technique that uses a block cipher in CBC mode to generate a fixed-size tag for ensuring data integrity and authenticity.
Statements (46)
| Predicate | Object |
|---|---|
| instanceOf |
cryptographic primitive
ⓘ
message authentication code ⓘ symmetric-key algorithm ⓘ |
| assumes | adversary cannot forge tag without key ⓘ |
| basedOn | iterated application of a block cipher ⓘ |
| canBeExtendedBy |
CMAC to handle variable-length messages securely
ⓘ
XCBC-MAC to handle variable-length messages securely ⓘ |
| canShareKeyWith | encryption only with careful design ⓘ |
| category |
block-cipher-based MAC
ⓘ
symmetric cryptography ⓘ |
| designGoal | efficient MAC using existing block ciphers ⓘ |
| doesNotRequire | cryptographic hash function ⓘ |
| finalTagDerivedFrom | last ciphertext block ⓘ |
| fullName | Cipher Block Chaining Message Authentication Code NERFINISHED ⓘ |
| generalizationOf | MACs derived from CBC mode ⓘ |
| influencedDesignOf |
CMAC
NERFINISHED
ⓘ
XCBC-MAC NERFINISHED ⓘ |
| introducedAs | MAC construction from CBC encryption ⓘ |
| isNotSecureFor | variable-length messages without modifications ⓘ |
| isSecureFor | fixed-length messages ⓘ |
| mustUse | fixed, known message length per key for security ⓘ |
| notRecommendedFor | general-purpose variable-length message authentication ⓘ |
| operatesOn | fixed-length messages ⓘ |
| outputType |
MAC tag
ⓘ
fixed-size tag ⓘ |
| providesProperty |
data integrity
ⓘ
data origin authentication ⓘ |
| relatedTo |
CMAC
NERFINISHED
ⓘ
EMAC NERFINISHED ⓘ XCBC-MAC ⓘ |
| requires |
secret key
ⓘ
secure key management ⓘ unique key for each security context ⓘ |
| requiresBlockSize | block size of underlying cipher ⓘ |
| securityDependsOn |
proper message length handling
ⓘ
underlying block cipher security ⓘ |
| standardizedIn | NIST SP 800-38B NERFINISHED ⓘ |
| tagLength |
may be truncated for efficiency
ⓘ
often equal to block size ⓘ |
| typicalCipher |
3DES
NERFINISHED
ⓘ
AES NERFINISHED ⓘ |
| usedIn | legacy cryptographic protocols ⓘ |
| usesCipherType | block cipher ⓘ |
| usesMode | CBC mode ⓘ |
| usesOperation | XOR of plaintext block with previous ciphertext block ⓘ |
| vulnerableTo | length-extension attacks on variable-length messages ⓘ |
Referenced by (2)
Full triples — surface form annotated when it differs from this entity's canonical label.
subject surface form:
AES-CCMP