One-key MAC (OMAC) is a family of message authentication codes constructed from a block cipher much like the CBC-MAC algorithm. It may be used to provide assurance of the authenticity and, hence, the integrity of data. Two versions are defined:
OMAC is free for all uses: it is not covered by any patents. [4]
The core of the CMAC algorithm is a variation of CBC-MAC that Black and Rogaway proposed and analyzed under the name "XCBC" [5] and submitted to NIST. [6] The XCBC algorithm efficiently addresses the security deficiencies of CBC-MAC, but requires three keys.
Iwata and Kurosawa proposed an improvement of XCBC that requires less key material (just one key) and named the resulting algorithm One-Key CBC-MAC (OMAC) in their papers. [1] They later submitted the OMAC1 (= CMAC), [2] a refinement of OMAC, and additional security analysis. [7]
To generate an ℓ-bit CMAC tag (t) of a message (m) using a b-bit block cipher (E) and a secret key (k), one first generates two b-bit sub-keys (k1 and k2) using the following algorithm (this is equivalent to multiplication by x and x2 in a finite field GF(2b)). Let ≪ denote the standard left-shift operator and ⊕ denote bit-wise exclusive or:
As a small example, suppose b = 4, C = 00112, and k0 = Ek(0) = 01012. Then k1 = 10102 and k2 = 0100 ⊕ 0011 = 01112.
The CMAC tag generation process is as follows:
The verification process is as follows:
AES_CMAC()
function in "
impacket/blob/master/tests/misc/test_crypto.py", and its definition in "
impacket/blob/master/impacket/crypto.py"
[8]In this note, we propose OMAC1, a new choice of the parameters of OMAC-family (see [4] for the details). Test vectors are also presented. Accordingly, we rename the previous OMAC as OMAC2. (That is to say, test vectors for OMAC2 were already shown in [3].) We use OMAC as a generic name for OMAC1 and OMAC2.
{{
cite journal}}
: Cite journal requires |journal=
(
help)
{{
cite journal}}
: Cite journal requires |journal=
(
help)
Phillip Rogaway's statement on intellectual property status of CMAC
{{
cite journal}}
: Cite journal requires |journal=
(
help)
One-key MAC (OMAC) is a family of message authentication codes constructed from a block cipher much like the CBC-MAC algorithm. It may be used to provide assurance of the authenticity and, hence, the integrity of data. Two versions are defined:
OMAC is free for all uses: it is not covered by any patents. [4]
The core of the CMAC algorithm is a variation of CBC-MAC that Black and Rogaway proposed and analyzed under the name "XCBC" [5] and submitted to NIST. [6] The XCBC algorithm efficiently addresses the security deficiencies of CBC-MAC, but requires three keys.
Iwata and Kurosawa proposed an improvement of XCBC that requires less key material (just one key) and named the resulting algorithm One-Key CBC-MAC (OMAC) in their papers. [1] They later submitted the OMAC1 (= CMAC), [2] a refinement of OMAC, and additional security analysis. [7]
To generate an ℓ-bit CMAC tag (t) of a message (m) using a b-bit block cipher (E) and a secret key (k), one first generates two b-bit sub-keys (k1 and k2) using the following algorithm (this is equivalent to multiplication by x and x2 in a finite field GF(2b)). Let ≪ denote the standard left-shift operator and ⊕ denote bit-wise exclusive or:
As a small example, suppose b = 4, C = 00112, and k0 = Ek(0) = 01012. Then k1 = 10102 and k2 = 0100 ⊕ 0011 = 01112.
The CMAC tag generation process is as follows:
The verification process is as follows:
AES_CMAC()
function in "
impacket/blob/master/tests/misc/test_crypto.py", and its definition in "
impacket/blob/master/impacket/crypto.py"
[8]In this note, we propose OMAC1, a new choice of the parameters of OMAC-family (see [4] for the details). Test vectors are also presented. Accordingly, we rename the previous OMAC as OMAC2. (That is to say, test vectors for OMAC2 were already shown in [3].) We use OMAC as a generic name for OMAC1 and OMAC2.
{{
cite journal}}
: Cite journal requires |journal=
(
help)
{{
cite journal}}
: Cite journal requires |journal=
(
help)
Phillip Rogaway's statement on intellectual property status of CMAC
{{
cite journal}}
: Cite journal requires |journal=
(
help)