TY - JOUR
T1 - CBCR
T2 - CBC MAC with rotating transformations
AU - Zhang, Li Ting
AU - Wu, Wen Ling
AU - Zhang, Lei
AU - Wang, Peng
N1 - Funding Information:
This work was supported by the National High-Tech Research & Development Program of China (Grant No. 2007AA01Z470), the National Natural Science Foundation of China (Grant Nos. 60873259, 60903219), the National Basic Research Program of China (Grant No. 2004CB318004), and the Knowledge Innovation Project of the Chinese Academy of Sciences.
PY - 2011/11
Y1 - 2011/11
N2 - Message authentication codes (MACs) are widely used to protect data integrity and data origin authentication in communications. In this paper, we propose a new block-cipher-based MAC algorithm, CBCR, with provable security for arbitrary-length messages. CBCR adopts rotating operations in the end of cipher-block-chaining structure, and it appends fixed-length prefixes to all messages, which implies flexible usages in practice. For example, these fixed-length prefixes can be filled with some security parameters, message redundancies, etc. We also propose CBCR0, a special case of CBCR that sets its prefix to be an all-zero block. Compared with CMAC, a recommended standard by the US National Institute of Standards and Technology (NIST), CBCR0 enjoys all the advantages that CMAC has, but requires less memory; so, in practical applications, CBCR0 behaves as well as CMAC does, and it is even more suitable for environments with limited memory resources, e. g. smart cards.
AB - Message authentication codes (MACs) are widely used to protect data integrity and data origin authentication in communications. In this paper, we propose a new block-cipher-based MAC algorithm, CBCR, with provable security for arbitrary-length messages. CBCR adopts rotating operations in the end of cipher-block-chaining structure, and it appends fixed-length prefixes to all messages, which implies flexible usages in practice. For example, these fixed-length prefixes can be filled with some security parameters, message redundancies, etc. We also propose CBCR0, a special case of CBCR that sets its prefix to be an all-zero block. Compared with CMAC, a recommended standard by the US National Institute of Standards and Technology (NIST), CBCR0 enjoys all the advantages that CMAC has, but requires less memory; so, in practical applications, CBCR0 behaves as well as CMAC does, and it is even more suitable for environments with limited memory resources, e. g. smart cards.
KW - block cipher
KW - cipher block chaining
KW - message authentication code
KW - provable security
UR - http://www.scopus.com/inward/record.url?scp=80255131371&partnerID=8YFLogxK
U2 - 10.1007/s11432-011-4289-5
DO - 10.1007/s11432-011-4289-5
M3 - Article
AN - SCOPUS:80255131371
SN - 1674-733X
VL - 54
SP - 2247
EP - 2255
JO - Science China Information Sciences
JF - Science China Information Sciences
IS - 11
ER -