DAA and CMAC

Data authentication algorithm (DAA) authentication algorithm

DAA based on DES, the algorithm is older, people have discovered the algorithm's security weaknesses, has been abolished.

　　

DAA uses the DES operation of the CBC operation mode, its initial vector is 0, the data needs to be certified into a continuous 64-bit packet D1,d2,...,dn, if the final packet less than 64 bits, then fill 0 after filling.

　　DAA's security implications

Given the CBC Mac code for a message grouping x, such as T = MAC (K, X), the attacker would immediately know that for two messages grouped by x | | (t⊙X) CBC Mac code or T. Obviously, for short messages, an attacker could easily find a qualifying M ' make Mac (K, m ') = Mac (K, M).

Password-based message authentication (CMAC) cipher-based message authentication Code

The CMAC encryption is suitable for both AES and 3DES.

　　

　　In order to eliminate the security hidden danger of DAA, CMAC has made an improvement on the basis of DAA, and has made mathematical processing before and after the last step of encryption.

Cn = E (K, [Mn⊙Cn-1⊙K1])

T = Msbtlen (Cn)

Tlen is the length of T, MSBs (x) is the leftmost s bit of the take-up string X

The two-bit n-bit key K1 and K2 are exported by K as follows:

L = E (K, 0n)//Apply the block cipher to a full 0 group

K1 = L x

K2 = L x2 = (L x) • X

Multiplication (•) within the domain GF (2n), X and X2 are the first and two polynomial of the domain GF (2n)

　　

DAA and CMAC