CBCR: CBC MAC with rotating transformations

  • Research Papers
  • Science China Information Sciences

Abstract

Message authentication codes (MACs) are widely used to provide data integrity and data origin authentication in communications. In this paper, we propose a new block-cipher-based MAC algorithm, CBCR, with provable security for arbitrary-length messages. CBCR adopts rotating operations at the end of the cipher-block-chaining structure, and it adds fixed-length prefixes to all messages, which allows flexible usage in practice. For example, these fixed-length prefixes can be filled with security parameters, message redundancies, etc. We also propose CBCR0, a special case of CBCR that sets its prefix to be an all-zero block. Compared with CMAC, a standard recommended by the US National Institute of Standards and Technology (NIST), CBCR0 enjoys all the advantages that CMAC has but requires less memory; so, in practical applications, CBCR0 behaves as well as CMAC does, and it is even more suitable for environments with limited memory resources, e.g. smart cards.

Author information

Correspondence to LiTing Zhang.

Cite this article

Zhang, L., Wu, W., Zhang, L. et al. CBCR: CBC MAC with rotating transformations. Sci. China Inf. Sci. 54, 2247–2255 (2011). https://doi.org/10.1007/s11432-011-4289-5
