Abstract
Message authentication codes (MACs) are widely used to provide data integrity and data origin authentication in communications. In this paper, we propose a new block-cipher-based MAC algorithm, CBCR, with provable security for arbitrary-length messages. CBCR applies rotating operations at the end of the cipher-block-chaining structure, and it appends fixed-length prefixes to all messages, which allows flexible usage in practice. For example, these fixed-length prefixes can be filled with security parameters, message redundancies, etc. We also propose CBCR0, a special case of CBCR that sets its prefix to an all-zero block. Compared with CMAC, a standard recommended by the US National Institute of Standards and Technology (NIST), CBCR0 has all the advantages of CMAC but requires less memory. In practical applications, CBCR0 therefore behaves as well as CMAC does, and it is even more suitable for environments with limited memory resources, e.g. smart cards.
Cite this article
Zhang, L., Wu, W., Zhang, L. et al. CBCR: CBC MAC with rotating transformations. Sci. China Inf. Sci. 54, 2247–2255 (2011). https://doi.org/10.1007/s11432-011-4289-5