CBC-MAC (2024)

In cryptography, a Cipher Block Chaining Message Authentication Code, abbreviated CBC-MAC, is a technique for constructing a message authentication code from a block cipher. The message is encrypted with some block cipher algorithm in CBC mode to create a chain of blocks such that each block depends on the proper encryption of the previous block. This interdependence ensures that a change to any of the plaintext bits will cause the final encrypted block to change in a way that cannot be predicted or counteracted without knowing the key to the block cipher.

To calculate the CBC-MAC of message CBC-MAC (1) one encrypts CBC-MAC (2) in CBC mode with zero initialization vector. The following figure sketches the computation of the CBC-MAC of a message comprising blocks CBC-MAC (3) using a secret key CBC-MAC (4) and a block cipher CBC-MAC (5):

[Figure: CBC-MAC structure]

Variable-length messages

Given a secure block cipher, CBC-MAC is secure for fixed-length messages. However, by itself, it is not secure for variable-length messages. An attacker who knows the correct message-tag (i.e. CBC-MAC) pairs CBC-MAC (6) CBC-MAC (7) and CBC-MAC (8) CBC-MAC (9) can generate a third message CBC-MAC (10) whose CBC-MAC will also be CBC-MAC (11). This is simply done by XORing the first block of CBC-MAC (12) with CBC-MAC (13) and then concatenating CBC-MAC (14) with this modified CBC-MAC (15), i.e. by making CBC-MAC (16).


This problem cannot be solved by adding a message-size block (e.g., with Merkle-Damgård strengthening) and thus it is recommended to use a different mode of operation, for example, CMAC to protect integrity of variable-length messages.

Using the same key for encryption and authentication

One common mistake is to reuse the same key CBC-MAC (17) for CBC encryption and CBC-MAC. Although reusing a key for different purposes is bad practice in general, in this particular case the mistake leads to a spectacular attack. Suppose that one encrypts a message CBC-MAC (18) in CBC mode using an CBC-MAC (19) and gets the following ciphertext: CBC-MAC (20), where CBC-MAC (21). He also generates the CBC-MAC tag for the IV and the message: CBC-MAC (22). Now an attacker can change every bit before the last block CBC-MAC (23) and the MAC tag will still be valid. The reason is that CBC-MAC (24) (this is actually the reason why people make this mistake so often: it allows one to increase performance by a factor of two). Hence, as long as the last block is not changed, the equivalence CBC-MAC (25) holds and thus the CBC-MAC tag is correct.

This example also shows that a CBC-MAC cannot be used as a collision resistant one-way function: given a key it is trivial to create a different message which “hashes” to the same tag.
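The two failure modes described above (splicing on variable-length messages, and one key shared between CBC encryption and CBC-MAC) can be checked with the following added example, which is not part of the original article. It assumes a toy 4-round Feistel permutation built from HMAC-SHA256 as a stand-in for a real block cipher such as AES, and a zero IV for both encryption and the MAC (a simplification of the setup in the text); all function names and keys are hypothetical.

```python
import hashlib, hmac
BLOCK = 16               # block size in bytes; messages must be whole blocks
ZERO_IV = bytes(BLOCK)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, i, half):    # Feistel round function built from HMAC-SHA256
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]

def enc_block(key, blk): # toy 4-round Feistel permutation standing in for AES
    l, r = blk[:8], blk[8:]
    for i in range(4):
        l, r = r, xor(l, _f(key, i, r))
    return l + r

def dec_block(key, blk): # inverse of enc_block
    l, r = blk[:8], blk[8:]
    for i in reversed(range(4)):
        l, r = xor(r, _f(key, i, l)), l
    return l + r

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cbc_encrypt(key, iv, msg):
    out = [iv]
    for blk in split(msg):
        out.append(enc_block(key, xor(blk, out[-1])))
    return b"".join(out[1:])

def cbc_decrypt(key, iv, ct):
    prev = [iv] + split(ct)
    return b"".join(xor(dec_block(key, c), p) for c, p in zip(split(ct), prev))

def cbc_mac(key, msg):   # raw CBC-MAC: zero IV, keep only the last block
    return cbc_encrypt(key, ZERO_IV, msg)[-BLOCK:]

def splice(m, t, m2):
    # m || (first block of m2 XOR t) || rest of m2 has the same raw tag as m2
    return m + xor(m2[:BLOCK], t) + m2[BLOCK:]

def tampered_ct_verifies(enc_key, mac_key, msg):
    # msg needs at least two blocks so the changed byte is not in the last one
    tag = cbc_mac(mac_key, msg)
    ct = bytearray(cbc_encrypt(enc_key, ZERO_IV, msg))
    ct[0] ^= 0x01        # one bit changed in transit, last block untouched
    received = cbc_decrypt(enc_key, ZERO_IV, bytes(ct))
    return received != msg and hmac.compare_digest(cbc_mac(mac_key, received), tag)
```

With the same key passed as both `enc_key` and `mac_key`, the modified ciphertext still verifies; with an independent MAC key, the check fails as it should.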

See also

  • CMAC — A block-cipher–based MAC algorithm which is secure for messages of different lengths (recommended by NIST).
  • OMAC and PMAC — Other methods to turn block ciphers into message authentication codes (MACs).
  • One-way compression function - Hash functions can be made from block ciphers. But note, there are significant differences in function and uses for security between MACs (such as CBC-MAC) and hashes.
  • DAA — A (now obsolete) U.S. government standard instantiation of CBC-MAC.


FAQs

What is meant by CBC-MAC?

The CBC MAC is the customary way to make a message authentication code (MAC) from a block cipher. It is the subject of several standards, including [1, 5, 6]. It is well-known and well-understood.

What is the difference between HMAC and CBC-MAC?

HMAC is based on hash functions while CMAC is based on block ciphers. All MAC algorithms of this service combine a cryptographic hash function and a shared secret key. They take a message and a secret key, such as the key material in a key, and return a unique tag or mac.

What is the difference between CMAC and CBC-MAC?

CMAC is a simple variant of the CBC MAC (Cipher Block Chaining Message Authentication Code). Whereas the basic CBC MAC is only secure on messages of one fixed length (and that length must be a multiple of the block size), CMAC takes and is secure across messages of any bit length.

Is CBC-MAC secure?

One solution is to include the length of the message in the first block; in fact CBC-MAC has been proven secure as long as no two messages that are prefixes of each other are ever used and prepending the length is a special case of this.

What is the difference between CCMP and CBC-MAC?

Technical details. CCMP uses CCM that combines CTR mode for data confidentiality and cipher block chaining message authentication code (CBC-MAC) for authentication and integrity. CCM protects the integrity of both the MPDU data field and selected portions of the IEEE 802.11 MPDU header.

What is a CBC-MAC message authentication code?

The cipher block chaining-message authentication code (CBC-MAC) (see [240,317,318]) is a message integrity method that uses block ciphers such as DES and AES. Each block of plaintext is encrypted with the cipher and then xor'd with the next encrypted block.

Why use HMAC instead of MAC?

The HMAC construction enhances the security of MACs by incorporating additional steps in the computation of the tag. It provides resistance against certain types of attacks and offers a higher level of security assurance compared to traditional MAC algorithms.

What does MAC code stand for?

Message Authentication Code (MAC) Defined

Message Authentication Code (MAC), also referred to as a tag, is used to authenticate the origin and nature of a message. MACs use authentication cryptography to verify the legitimacy of data sent through a network or transferred from one person to another.

What is MAC HMAC and CMAC?

CMAC and HMAC are both cryptographic hash functions used to verify data integrity and authenticity, but they differ in key ways. CMAC produces a fixed-length output while HMAC's output can vary in length. CMAC uses a block cipher, whereas HMAC uses a cryptographic hash function.

How does CBC-MAC work?

CBC-MAC is a MAC algorithm based on the Cipher Block Chaining (CBC) mode of a block cipher. In the CBC mode, the previous ciphertext is xored to the plaintext block before the block cipher is applied. The MAC value is derived from the last ciphertext block.

Why is CBC-MAC insecure if a random IV is used?

This is because the first block is XORed with the random IV before it first comes into contact with the block cipher, so changing only the first block together with a corresponding change in the IV may yield the same authentication tag as before, thus breaking the CBC-MAC scheme.

Is CBC still secure?

Microsoft believes that it's no longer safe to decrypt data encrypted with the Cipher-Block-Chaining (CBC) mode of symmetric encryption when verifiable padding has been applied without first ensuring the integrity of the ciphertext, except for very specific circumstances.

What is Counter Mode with CBC-MAC?

CCM mode (counter with cipher block chaining message authentication code; counter with CBC-MAC) is a mode of operation for cryptographic block ciphers. It is an authenticated encryption algorithm designed to provide both authentication and confidentiality.

What does CBC mean in encryption?

Cipher Block Chaining (CBC) is a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted.

What is the IV of CBC-MAC?

With CBC-MAC usually the IV used is 0. This is a problem because 2 known messages ( m1 and m2 ) independently will generate 2 signatures ( s1 and s2 ). So: E(m1 XOR 0) = s1.

Article information

Author: Msgr. Benton Quitzon
