NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Fast and Secure CBC Type MAC Algorithms

Published

Author(s)

Mridul Nandi

Abstract

The CBC-MAC, or cipher block chaining message authentication code, is a well-known method to generate message authentication codes. Unfortunately, it is not forgery-secure over an arbitrary domain. There are several secure variants of CBC-MAC, among which OMAC (or one-key CBC-MAC) is a widely-used candidate. A simple variant of it, called CMAC, also has been recommended by NIST and is also used widely. Both OAMC and CMAC cost (s+1) blockcipher invocations to authenticate an s-block message, and it takes only one blockcipher key. In this paper we propose two secure and efficient variants of CBC-MAC. Our constructions cost only s block cipher encryptions to authenticate an s-block message, for all s >= 2. Moreover, GCBC2 needs only one block cipher encryption for almost all single block messages, and for all other single block messages, it costs two block cipher encryptions. We have also defined a class of generalized CBC-MAC constructions, and proved a sufficient condition for prf-security. In particular, we have provided an unified prf-security analysis of CBC-type constructions, e.g., XCBC, TMAC and our proposals GCBC1 and GCBC2.
Proceedings Title
Fast Software Encryption (Lecture Notes in Computer Science)
Volume
5665
Conference Dates
February 22-25, 2009
Conference Location
Leuven
Conference Title
16th International Workshop on Fast Software Encryption (FSE 2009)
Pub Type
Conferences

Download Paper

https://doi.org/10.1007/978-3-642-03317-9_23

Keywords

CBC-MAC, OMAC, padding rule, prf-security
Information technology and Cybersecurity and privacy

Citation

Nandi, M. (2009), Fast and Secure CBC Type MAC Algorithms, Fast Software Encryption (Lecture Notes in Computer Science), Leuven, -1, [online], https://doi.org/10.1007/978-3-642-03317-9_23 (Accessed October 16, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created July 21, 2009, Updated November 10, 2018
Was this page helpful?