IMPLEMENTATION OF IMPROVED CBC MAC FOR ARBITRARY LENGTH MESSAGES

Abstract

The CBC MAC (Cipher Block Chaining Message Authentication Code) is a well-known method to generate a message authentication code based on a block cipher. It is proved that the security of the CBC MAC for fixed message length mu bits, where n is the block length of the underlying block cipher E. However, it is well known that the CBC MAC is not secure unless the message length is fixed. Therefore, several variants of CBC MAC have been proposed for variable length messages like EMAC. XCBC and TMAC. Here, we propose and implement another variant for CBC MAC and prove its security for arbitrary length messages. The proposed mode takes only one key, K of a block cipher E. Previously, XCBC requires three keys, (k + 2n) bits in total, and TMAC requires two keys, (k + n) bits in total, where n denotes the block length of E. The saving of the key length makes the security proof of proposed mode substantially harder than those of XCBC.