STDmISO
9797-L-ENGL
L979
Li853903
OBL209b
Tb9
m
INTERNATIONAL STANDARD
O
ISO/IEC
ISO/IEC 9797-1:1999(E)
Information technology
-
Security techniques
-
Message Aut hentication Codes (MACs)
-
Part
1:
Mechanisms
using
a
block
cipher
1
Scope
This part of ISO/IEC 9797 specifies six MAC algorithms
that use a secret key and an n-bit block cipher to calcu-
late an rn-bit MAC. These mechanisms can be used
as
data integrity mechanisms to verify that data has not
been altered in an unauthorised manner. They can also
be used
as
message authentication mechanisms to pro-
vide assurance that
a
message has been originated by
an entity in possession of the secret key. The strength
of
the data integrity mechanism and message authenti-
cation mechanism
is
dependent on the length (in bits)
k"
and secrecy of the key, on the block length (in bits)
n
and strength of the block cipher, on the length (in bits)
m
of the MAC, and on the specific mechanism.
The
first
three mechanisms specified in this part of
ISO/IEC 9797 are commonly known
as
CBC-MAC
(CBC
is
the abbreviation of Cipher Block Chaining).
The calculation of a MAC
as
described in
IS0
8731-
1
and ANSI X9.9
is
a specific case
of
this part of
ISO/IEC 9797 when
n
=
64,
m
=
32, MAC Algorithm
1
and Padding Method
1
are used, and the block cipher
is DEA (ANSI X3.92: 1981). The calculation
of
a MAC
as
described in ANSI X9.19 and
IS0
9807
is
a
specific
case of this part
of
ISO/IEC 9797 when
n
=
64,
m
=
32,
either MAC Algorithm
1
or
MAC Algorithm 3
is
used
(both with Padding Method
l),
and the block cipher
is
DEA (ANSI X3.92: 1981).
The fourth mechanism
is
a variant of CBC-MAC with
a
special initial transformation. It
is
recommended for
applications which require that t8he key length
of
the
MAC algorit.hm
is
twice that of the block cipher.
NOTES
1
For
example, in the case
of
DEA (ANSI
X3.92:
1981),
the block cipher key length
is
56
bits, while the MAC
algorithm key length
is
112
bits.
2
When used with DEA (which
is
also known
as
DES),
this algorithm
is
called MacDES
[12].
bine the two results with a bitwise exclusive-or opera-
tion. They are recommended for applications which re-
quire an increased security level against forgery attacks
(cf. Annex B). The fifth mechanism uses
a
single length
MAC algorithm key, while the sixth mechanism doubles
the MAC algorithm key length.
This part of
ISO/IEC
9797 can be applied to the se-
curity services of any security architecture, process,
or
application.
2
Normative
references
The following standards contain provisions which,
through reference in this text, constitute provisions
of
this part
of
ISO/IEC 9797. At the time
of
publication,
the editions indicated were valid. All standards are sub-
ject to revision, and parties to agreements based on this
part
of
ISO/IEC 9797 are encouraged to investigate the
possibility
of
applying the most recent editions of the
standards indicated below. Members of IEC
and
IS0
maintain registers
of
currently valid International Stan-
dards.
IS0
7498-2: 1989,
Information processing systems
-
Open Systems Interconnection
-
Basic Reference Model
-
Part
2:
Security Architecture.
ISO/IEC 9798-1: 1997,
Information technology
-
Se-
curity techniques
-
Entity authentication
-
Part
l:
General.
ISO/IEC
10116: 1997,
Information technology
-
Secu-
rity techniques
-
Modes
of
operation for an n-bit block
cipher.
3
Definitions
3.1
This part
of
ISO/IEC 9797 makes use of the follow-
ing general security-related term defined
in
IS0
7498-2.
The fifth and sixth mechanism use two parallel instances
of the first and fourth mechanism respectively, and com-
1
COPYRIGHT International Organization for Standardization
Licensed by Information Handling Services
COPYRIGHT International Organization for Standardization
Licensed by Information Handling Services
5星 · 超过95%的资源 需积分: 50 139 浏览量
2009-11-27
14:35:04
上传
评论
收藏 1.12MB PDF 举报 
- 1
- 2
前往页