论文信息 - Status of This Memo The AES-CMAC-96 Algorithm and Its Use with IPsec

Status of This Memo The AES-CMAC-96 Algorithm and Its Use with IPsec

The National Institute of Standards and Technology (NIST) has recently specified the Cipher-based Message Authentication Code (CMAC), which is equivalent to the One-Key CBC-MAC1 (OMAC1) algorithm submitted by Iwata and Kurosawa. OMAC1 efficiently reduces the key size of Extended Cipher Block Chaining mode (XCBC). This memo specifies the use of CMAC mode as an authentication mechanism of the IPsec Encapsulating Security Payload (ESP) and the Authentication Header (AH) protocols. This new algorithm is named AES-CMAC-96. [STANDARDS-TRACK]

Radha Poovendran | Jicheol Lee | JunHyuk Song | R. Poovendran

[1] Dirk Fox,et al. Advanced Encryption Standard (AES) , 1999, Datenschutz und Datensicherheit.

[2] P. Rogaway,et al. Comments to NIST concerning AES Modes of Operations : A Suggestion for Handling Arbitrary-Length Messages with the CBC MAC , 1998 .

[3] Radha Poovendran,et al. The AES-CMAC Algorithm , 2006, RFC.

[4] Hugo Krawczyk,et al. HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[5] John Black,et al. CBC MACs for Arbitrary-Length Messages: The Three-Key Constructions , 2000, Journal of Cryptology.

[6] Kaoru Kurosawa,et al. OMAC: One-Key CBC MAC , 2003, IACR Cryptol. ePrint Arch..

[7] Stephen T. Kent,et al. IP Authentication Header , 1995, RFC.