Scribd
Upload
16 views17 pages

Unit-IV HMAC& CMAC

The document discusses message authentication in cryptography, focusing on Message Authentication Codes (MACs) such as HMAC and CMAC. It explains how MACs ensure message integrity and data origin authentication by using secret keys and hash functions. Additionally, it details the operations and structures of HMAC and CMAC, highlighting their security and implementation aspects.

Uploaded by

nannamyhero279
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
16 views17 pages

Unit-IV HMAC& CMAC

The document discusses message authentication in cryptography, focusing on Message Authentication Codes (MACs) such as HMAC and CMAC. It explains how MACs ensure message integrity and data origin authentication by using secret keys and hash functions. Additionally, it details the operations and structures of HMAC and CMAC, highlighting their security and implementation aspects.

Uploaded by

nannamyhero279
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 17

ADITYA ENGINEERING COLLEGE (A)

Cryptography & Network Security


By

K. Govindaraju
Assistant Professor
Dept of Computer Science & Engineering
Aditya University
Surampalem.
Aditya Engineering College (A)

Learning Outcomes
At the end of this class, Student will be able to:
Discuss about HMAC and CMAC.

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

MESSAGE AUTHENTICATION
• A message digest guarantees the integrity of a message.
• It guarantees that the message has not been changed. A message digest,
however, does not authenticate the sender of the message.
• When Alice sends a message to Bob, Bob needs to know if the message is
coming from Alice.
• To provide message authentication, Alice needs to provide proof that it is Alice
sending the message and not an impostor.
• The digest created by a cryptographic hash function is normally called a
modification detection code (MDC).
• The code can detect any modification in the message. What we need for
message authentication (data origin authentication) is a message authentication
code (MAC).

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

MESSAGE AUTHENTICATION CODE (MAC)


 To ensure the integrity of the message and the data origin authentication that
Alice is the originator of the message, not somebody else we need to change a
modification detection code (MDC) to a message authentication code (MAC).
 The difference between a MDC and a MAC is that the second includes a secret
between Alice and Bob for example, a secret key that Eve does not possess.

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

MESSAGE AUTHENTICATION CODE (MAC) Cont…


 Alice uses a hash function to create a MAC from the concatenation of the key and the
message, h (K|M). She sends the message and the MAC to Bob over the insecure
channel. Bob separates the message from the MAC.
 He then makes a new MAC from the concatenation of the message and the secret key.
Bob then compares the newly created MAC with the one received. If the two MACs
match, the message is authentic and has not been modified by an adversary.

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

TYPES OF MACs
 HMAC (Hash MAC)
 CMAC (Cipher MAC)

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

Hash Message Authentication Code


(HMAC)
It involves hashing padded versions of the key concatenated with the
message, and then with another outer hash of the result prepended
by another padded variant of the key.
The hash function need only be used on 3 more blocks than when
hashing just the original message (for the two keys + inner hash).
HMAC can use any desired hash function, and has been shown to
have the same security as the underlying hash function.
Can choose the hash function to use based on speed/security
concerns.

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
HMAC Overview Aditya Engineering College (A)

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

HMAC Operation
Figure illustrates the overall operation of HMAC:
HMACK = Hash[(K+ XOR opad) || Hash[(K+ XOR ipad) || M)]
where:
K+ is K padded with zeros on the left so that the result is b bits in
length
ipad is a pad value of 36 hex repeated to fill block
opad is a pad value of 5C hex repeated to fill block
M is the message input to HMAC (including the padding specified in
the embedded hash function)
Cryptography & Network
K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

HMAC Operation
Note that the XOR with ipad results in flipping one-half of the bits of K.
Similarly, the XOR with opad results in flipping one-half of the bits of K,
but a different set of bits.
In effect, pseudorandomly generated two keys from K. HMAC should
execute in approximately the same time as the embedded hash
function for long messages.
HMAC adds three executions of the hash compression function (for Si,
So, and the block produced from the inner hash).

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

HMAC Operation
A more efficient implementation is possible by precomputing the
internal hash function on (K+ XOR opad) and (K+ XOR ipad) and
inserting the results into the hash processing at start & end.
With this implementation, only one additional instance of the
compression function is added to the processing normally produced
by the hash function.
This is especially worthwhile if most of the messages for which a MAC
is computed are short.

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

Cipher-Based MAC (CMAC)


The Data Authentication Algorithm cipher-based MAC has been
widely adopted in government and industry.
Has been shown to be secure, with the following restriction. Only
messages of one fixed length of mn bits are processed, where n is the
cipher block size and m is a fixed positive integer.
This limitation can be overcome using multiple keys, which can be
derived from a single key.
This refinement has been adopted by NIST as the cipher-based
message authentication code (CMAC) mode of operation, for use with
AES and triple DES.
Cryptography & Network
K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

CMAC Overview

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

CMAC Operation
Figure shows the structure of CMAC. It uses the blocksize of the
underlying cipher (ie 128-bits for AES or 64-bits for triple-DES).
The message is divided into n blocks M1..Mn, padded if necessary.
The algorithm makes use of a k-bit encryption key K and an n-bit
constant K1 or K2 (depending on whether the message was padded or
not).
For AES, the key size k is 128,192, or 256 bits; for triple DES, the key
size is 112 or 168 bits.
The two constants K1 & K2 are derived from the original key K using
encryption of 0 and multiplication in GF(2^n).
Cryptography & Network
K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

C1 = E(K, M1)
C2 = E(K, [M2 C1])
C3 = E(K, [M3 C2])
.
.
.
Cn = E(K, [Mn Cn-1 K1]) T = MSBTlen(Cn)

Where

T = message authetication code, also referred to as the tag

Tlen = bit length of T

MSBs(X) = the s leftmost bitsof the bit stringX


Cryptography & Network
K. Govindaraju Tuesday, April 8, 2025
Security
Aditya Engineering College (A)

Summary
Learning Outcomes
HMAC
HMAC Overview
HMAC Operation
CMAC
CMAC Overview
CMAC Operation

Cryptography & Network


K. Govindaraju Tuesday, April 8, 2025
Security

You might also like