Skip to main content
Cryptography

Questions tagged [cmac]

Ask Question

CMAC is a block cipher-based message authentication code algorithm.

59 questions
Newest Active Bountied Unanswered
3 votes
0 answers
66 views

My goal is to build a simple as possible AES-based Deterministic Authenticated Encryption (DAE) scheme. If I look at the SIV scheme defined by Rogaway and Shrimpton, they need to define S2V to have ...
Ruggero's user avatar
  • 7,429
3 votes
3 answers
1k views

I am taking the Online cryptography course by Dan Boneh. There is a segment that talks about MAC Padding. Padding is an act of appending bits to the last block of the message for the MAC constructed ...
Continuous Improvement's user avatar
  • 55
1 vote
1 answer
268 views

Is it possible to generate a 24 bytes CMAC using AES-192 or AES-256 and if so, how? According to AN10922AN10922.0df,looks like we can generate 24 bytes and 32 bytes key using div constant ?
Rohit Kumar's user avatar
  • 11
5 votes
1 answer
429 views

I need to select a function that will be used as a key derivation function (KDF) and pseudorandom function (PRF) in contexts that I haven't anticipated. It will run on very low-end devices (think ...
Gilles 'SO- stop being evil''s user avatar
  • 20.7k
1 vote
0 answers
341 views

If understood right, CMAC is not quantum-safe because it relies on AES-128 (which isn't considered as quantum-safe), while HMAC is, because it relies on SHA3 (which is considered as quantum-safe). Did ...
bilaljo's user avatar
  • 163
1 vote
0 answers
94 views

Consider the following construction of a SKE scheme $\Pi^*=(Enc^*,Dec^*)$ based on a PRF family $F=\{F_k:\{0,1\}^n\rightarrow \{0,1\}^n\}_{k\in\{0,1\}^\lambda}$ and on a MAC $ Tag:\{0,1\}^\lambda \...
Giusy's user avatar
  • 33
1 vote
1 answer
173 views

CMAC is defined for AES for authentication. My question is pretty simple: is it possible to extend CMAC for ChaCha? Does it even make sense? I cannot find anything related and I am wondering if I am ...
Pol Henarejos's user avatar
  • 13
2 votes
2 answers
1k views

I am looking to verify a card cryptogram sent from a smart card chip in accordance with SCP03. According to the SCP03 spec, the CMAC is used to generate a MAC to authenticate messages sent to/from the ...
veda-s4dhak's user avatar
  • 21
2 votes
2 answers
959 views

I am a bit unsure about CMAC and GMAC and maybe someone can help me. As far as I know, CMAC does not use an IV [SP 800-38B ch. 6.2]. Is it then secure if I use the same key for different messages? ......
SBond's user avatar
  • 143
1 vote
1 answer
670 views

Generally, when we want to generate a signature for message M we use hash function H, and sign the result of H(M) with the private key. What if instead of hash function H we would use a CMAC with key ...
morsisko's user avatar
  • 113
1 vote
1 answer
106 views

I am working on masking in CMAC. If masking is not used, then what will be the behavior of CMAC?
harpreet's user avatar
  • 11
0 votes
1 answer
121 views

From the description of CMAC and HMAC, given the key and the tag, I think it is easy to derive the CMAC message than the HMAC message. After obtaining the key and tag for CMAC, an intruder can apply ...
Mohit Kumar Jangid's user avatar
  • 15
0 votes
1 answer
2k views

I'm searching for a simple description that tells me in a schematic way how hmac and cmac is calculated. So far I found the following: ...
MaMa's user avatar
  • 39
1 vote
0 answers
298 views

Consider the nonce-based Carter-Wegman MAC which works on key space $K=\{0,1\}^n \times \{0,1\}^n,$ message space $M=\{0,1\}^{mn}$, nonce space $N=\{0,1\}^n$ and the tag space $T=\{0,1\}^n$ as follows:...
Sayantan's user avatar
  • 141
12 votes
0 answers
269 views

In an interesting paper called "Partitioning Oracle Attacks" by Julia Len, Paul Grubbs & Thomas Ristenpart an attack is presented on 1.5 pass AEAD schemes that utilize GMAC (GCM, AES-GCM,...
Maarten Bodewes's user avatar
  • 97.3k

15 30 50 per page
1
2 3 4