Yorkville High School Computer Science

Computer Security :: Lessons :: HMAC and CMAC

HMAC

The idea of using a hash function to generate a MAC is relatively new. HMAC or hash-based message authentication code was first defined and published in 1996 and is now used for IP security and SSL. The advantage of using a hash-based MAC as opposed to a MAC based a block cipher is speed. Hash functions like MD5 and SHA are generally faster in software than symmetric block ciphers like AES and DES.

A hash function cannot be used directly as a MAC since it does not rely on a secret key. The design objectives for an HMAC are the following:

• The ability to use available hash functions without modification.
• The ability to easily replace the embedded hash function in case faster or more secure functions become available.
• The ability to preserve the original performance of the hash function.
• The ability to use keys in a simple way.
• A well understood cryptographic analysis of the strength of the authentication mechanism.

The diagram shows the general structure of HMAC using these terms:

• H: Embedded Hash Function
• IV: Initial Value Input
• M: Message Input
• Y_i: ith block of M
• L = Number of Blocks in M
• b: Numbers of Bits in a Block
• n: Length of Hash Code Output
• K: Secret Key
• K⁺: K Padded with 0s
• ipad: 00110110 (36 in Hexadecimal) Repeated b/8 Times)
• opad: 01011100 (5C in Hexadecimal) Repeated b/8 Times)

The HMAC structure follows these steps:

1. Append 0s to the left of K to create a b-bit string K⁺.
2. XOR K⁺ with ipad to produce the b-bit block S_i.
3. Append M to S_i.
4. Apply H to the stream generated in the previous step.
5. XOR K⁺ with opad to produce the b-bit block S₀.
6. Append the hash result from step 4 to S₀.
7. Apply H to the stream generated in step 6 and output the result.

CMAC

The Data Authentication Algorithm, or DAA, is a block cipher MAC based on DES. However, security weaknesses have led to its replacement. Cipher-based Message Authentication Code, or CMAC, is a block-cipher mode of operation for use with AES and 3DES. CMAC uses three keys: one key that is used for each step of the cipher block chaining and two keys that are the same length as the cipher block.