Message Authentication
Block Cipher-based MAC Algorithm (CMAC)
- Overview:
The CMAC algorithm is specified in Special
Publication 800-38B dated May 2005, Recommendation for Block Cipher Modes
of Operation: The CMAC Mode for Authentication. CMAC can be considered a mode
of operation of the block cipher because it is based on an approved symmetric
key block cipher, such as the Advanced Encryption Standard (AES) algorithm
currently specified in Federal Information Processing Standard (FIPS) Pub.
197. CMAC is also an approved mode of the Triple Data Encryption Algorithm
(TDEA).
- Testing Requirements:
CMT labs can test for conformance to the CMAC algorithm in Special Publication
800-38B. The testing requirements for this algorithm can be found in the document
titled The CMAC Validation System (CMACVS).
Additional testing note: The underlying NIST-Approved symmetric key algorithm
must be validated as part of the CMAC validation. Currently, NIST approves
both the AES and TDES algorithms for use with CMAC.
- Validation List:
NIST maintains the current CMAC Validations. A CMAC validation is included
on the validation list of its approved symmetric key block cipher; therefore
it is included on either the AES Validation List or the TDES Validation List.
- Test Vectors:
CMAC Test Vectors - These files provide an electronic version of the test
vectors that can be used to informally verify the correctness of a CMAC algorithm
implementation using the CMACVS. However, use of these vectors
does not take the place of validation obtained through the Cryptographic Algorithm
Validation Program (CAVP).
- CMAC Test Vectors
Counter with Cipher Block Chaining-Message Authentication Code (CCM)
- Overview:
The Counter with Cipher Block Chaining-Message Authentication Code (CCM) is
specified in Special
Publication 800-38C dated May 2004, Counter with Cipher Block Chaining-Message
Authentication Code (CCM). CCM is based on an approved symmetric key block
cipher algorithm whose block size is 128 bits, such as the Advanced Encryption
Standard (AES) algorithm currently specified in Federal Information Processing
Standard (FIPS) Pub. 197 [2]; thus, CCM cannot be used with the Triple Data
Encryption Algorithm [3], whose block size is 64 bits. Currently, the only
NIST-Approved 128-bit symmetric key algorithm is AES.
- Testing Requirements:
CMT labs can test for conformance to the CCM algorithm in Special Publication
800-38C. The testing requirements for this algorithm can be found in the document
titled The Counter with Cipher Block Chaining-Message
Authentication Code (CCM) Validation System (CCMVS). Additional testing
note: The underlying NIST-Approved 128-bit symmetric key algorithm must
be validated as part of the CCM validation. Currently, the only 128-bit symmetric
key algorithm approved by NIST is AES.
- Validation List:
NIST maintains the current CCM Validations. A CCM validation is included on
the validation list of its approved symmetric key block cipher whose block
size is 128 bits; therefore it is included on the AES Validation List.
NIST maintains the original CCM Validation List for historical purposes.
The information contained on the CCM Validation List has been duplicated
in the AES Validation List.
- Test Vectors:
CCM Test Vectors - These files provide an electronic version of the test vectors
that can be used to informally verify the correctness of a CCM algorithm implementation
using the CCMVS. However, use of these vectors does not take the
place of validation obtained through the Cryptographic Algorithm Validation
Program (CAVP).
- CCM Test Vectors
Keyed-Hash Message Authentication Code (HMAC)
- Overview:
The Keyed-Hash Message Authentication Code (HMAC) is specified in FIPS
198 dated March 6, 2002, Keyed-Hash Message Authentication Code (HMAC).
This algorithm utilizes the Secure Hash Algorithms as an underlying primitive.
- Testing Requirements:
CMT labs can test for conformance to the HMAC algorithm in FIPS 198. The testing
requirements for these algorithms can be found in the document titled The
Keyed-Hash Message Authentication Code (HMAC) Validation System (HMACVS).
Additional testing note: All underlying SHA algorithm(s) supported
by the HMAC implementation must be validated as part of the HMAC validation.
- Validation List:
NIST maintains the current HMAC Validation
List.
- Test Vectors:
HMAC Test Vectors - These files provide an electronic version of the test
vectors that can be used to informally verify the correctness of an HMAC algorithm
implementation using the HMACVS. However, use of these vectors
does not take the place of validation obtained through the Cryptographic Algorithm
Validation Program (CAVP).
- HMAC Test Vectors
Data (Message) Authentication Code (MAC) and Key Management Using ANSI X9.17
The automated conformance tests for FIPS 113 and 171 are no longer operational.
Currently, if a FIPS 140-1 or FIPS 140-2 cryptographic module implements either
of these two standards, the CMT testing laboratories perform some testing to
confirm that these FIPS requirements are implemented correctly in the
cryptographic module.
Message Authentication Code (MAC), FIPS 113
The MAC Validation System (MVS) tested for compliance with FIPS
113, Computer Data Authentication. A list of validated
products is maintained by the Security Technology Group.
Key Management Using ANSI X9.17, FIPS 171
The Key Management Validation System (KMVS) tested for compliance with FIPS
171, Key Management Using ANSI X9.17. A list of validated
products is maintained by the Security Technology Group.
Last Modified: February 14, 2006
Computer Security Division
National Institute of Standards and Technology