Home

CMAC

CMAC stands for Cipher-based Message Authentication Code. It is a method for producing a fixed-size authentication tag from a message and a secret key, using a block cipher as the underlying primitive. CMAC is designed to provide data integrity and authenticity, ensuring that a message has not been altered and that it originates with the holder of the secret key.

Conceptually, CMAC operates by processing the message as fixed-size blocks with a block cipher in CBC mode,

CMAC is designed to be secure when used with a secret key that is never reused for

See also: HMAC, CBC-MAC, block ciphers, AES, cryptographic standards.

starting
with
an
all-zero
initialization
vector.
Before
processing,
two
subkeys,
K1
and
K2,
are
derived
from
the
encryption
of
a
zero
block
and
a
finite-field
doubling
operation.
If
the
final
message
block
is
complete
(full
block),
it
is
XORed
with
K1;
if
it
is
partial,
the
block
is
padded
with
zeros
and
XORed
with
K2.
The
result
is
then
fed
through
the
CBC
chain,
and
the
final
block’s
output
is
taken
as
the
CMAC
tag.
For
a
block
cipher
with
128-bit
blocks
(such
as
AES),
the
default
tag
length
is
128
bits,
but
truncation
to
shorter
lengths
is
common
in
practice.
another
CMAC
with
the
same
key.
It
is
related
to
CBC-MAC
but
fixes
certain
weaknesses
through
the
subkey
construction.
It
is
standardized
in
NIST
SP
800-38B
and
is
applicable
to
any
block
cipher
with
a
suitable
block
size.