RFC 3566 (rfc3566) - Page 1 of 11
The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec
Alternative Format: Original Text Document
Network Working Group S. Frankel
Request for Comments: 3566 NIST
Category: Standards Track H. Herbert
Intel
September 2003
The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2003). All Rights Reserved.
Abstract
A Message Authentication Code (MAC) is a key-dependent one way hash
function. One popular way to construct a MAC algorithm is to use a
block cipher in conjunction with the Cipher-Block-Chaining (CBC) mode
of operation. The classic CBC-MAC algorithm, while secure for
messages of a pre-selected fixed length, has been shown to be
insecure across messages of varying lengths such as the type found in
typical IP datagrams. This memo specifies the use of AES in CBC mode
with a set of extensions to overcome this limitation. This new
algorithm is named AES-XCBC-MAC-96.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 2
2. Specification of Requirements . . . . . . . . . . . . . . 2
3. Basic CBC-MAC with Obligatory 10* Padding . . . . . . . . 3
4. AES-XCBC-MAC-96 . . . . . . . . . . . . . . . . . . . . . 3
4.1. Keying Material. . . . . . . . . . . . . . . . . . . 5
4.2. Padding . . . . . . . . . . . . . . . . . . . . . . 6
4.3. Truncation . . . . . . . . . . . . . . . . . . . . . 6
4.4. Interaction with the ESP Cipher Mechanism. . . . . . 6
4.5. Performance. . . . . . . . . . . . . . . . . . . . . 6
4.6. Test Vectors . . . . . . . . . . . . . . . . . . . . 7
5. Security Considerations . . . . . . . . . . . . . . . . . 8
6. IANA Considerations . . . . . . . . . . . . . . . . . . . 8
7. Intellectual Property Rights Statement . . . . . . . . . . 8
Frankel & Herbert Standards Track