论文信息 - The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec

The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec

A Message Authentication Code (MAC) is a key-dependent one way hash function. One popular way to construct a MAC algorithm is to use a block cipher in conjunction with the Cipher-Block-Chaining (CBC) mode of operation. The classic CBC-MAC algorithm, while secure for messages of a pre-selected fixed length, has been shown to be insecure across messages of varying lengths such as the type found in typical IP datagrams. This memo specifies the use of AES in CBC mode with a set of extensions to overcome this limitation. This new algorithm is named AES-XCBC-MAC-96.

Sheila Frankel | Howard C. Herbert

[1] Stephen T. Kent,et al. IP Authentication Header , 1995, RFC.

[2] Dirk Fox,et al. Advanced Encryption Standard (AES) , 1999, Datenschutz und Datensicherheit.

[3] John Black,et al. CBC MACs for Arbitrary-Length Messages: The Three-Key Constructions , 2000, Journal of Cryptology.

[4] Joan Daemen,et al. AES Proposal : Rijndael , 1998 .

[5] Morris J. Dworkin,et al. Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .

[6] Scott O. Bradner,et al. Key words for use in RFCs to Indicate Requirement Levels , 1997, RFC.

[7] Scott O. Bradner,et al. The Internet Standards Process - Revision 3 , 1996, RFC.

[8] Hugo Krawczyk,et al. A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[9] Hugo Krawczyk,et al. HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[10] Mihir Bellare,et al. The Security of the Cipher Block Chaining Message Authentication Code , 2000, J. Comput. Syst. Sci..

[11] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .

[12] Cheryl Madson,et al. The Use of HMAC-SHA-1-96 within ESP and AH , 1998, RFC.