Message Authentication Code based on Block Cipher | MAC based on Block Cipher | Data Authentication algorithm (DAA) | Cipher based Message Authentication Code (CMAC)

     Data Authentication Algorithm (DAA)

Figure: DAA Block Diagram

One of the most widely used MACs is referred to as the Data Authentication Algorithm. The algorithm is designed using the Cipher Block Chaining mode of operation of DES, as shown in figure. The data (e.g., message, record, file, or program) to be authenticated are grouped into fixed size 64-bit blocks: D1, D2,….., DN. If necessary, the final block is padded on the right with zeroes to make a 64-bit blocks. Using the DES encryption algorithm and a secret key, a data authentication code (DAC) is calculated as follows:

The DAC consists of either the entire block ON or the leftmost M bits of the block, with 16 ≤ M ≤ 64.

Cipher based message authentication code (CMAC)

 

Figure: CMAC Block Diagram

Data Authentication Algorithm (DAA), which is now obsolete. Then CMAC, which is designed to overcome the deficiencies of DAA. Cipher-based Message Authentication Code (CMAC) mode of operation for use with AES and triple DES. First, let us define the operation of CMAC when the message is an integer multiple n of the cipher block length b. For AES, b=128, and for triple DES, b=64. The message is divided into n blocks (M1, M2,…, Mn ).

For AES, the key size is 128, 192, or 256 bits; for triple DES, the key size is 112 or 168 bits. CMAC is calculated as follows:

C1 = E(K, M1)

C2 = E(K, [M2 ⊕ C1])

C3 = E(K, [M3 ⊕ C2])

   .

   .

   .

Cn = E(K, [Mn ⊕ Cn-1 ⊕ K1])

T = MSBTlen(Cn)

To learn more about MAC based on Block Cipher, Click here

   Watch more videos click here.