RFC 3610 (rfc3610) - Page 2 of 26

Counter with CBC-MAC (CCM)

Alternative Format: Original Text Document
< Previous
Next >
RFC 3610               Counter with CBC-MAC (CCM)         September 2003


   choice is L, the size of the length field.  This value requires a
   trade-off between the maximum message size and the size of the Nonce.
   Different applications require different trade-offs, so L is a
   parameter.  Valid values of L range between 2 octets and 8 octets
   (the value L=1 is reserved).

       Name  Description                               Size    Encoding
       ----  ----------------------------------------  ------  --------
       M     Number of octets in authentication field  3 bits  (M-2)/2
       L     Number of octets in length field          3 bits  L-1

2.1.  Inputs

   To authenticate and encrypt a message the following information is
   required:

   1.  An encryption key K suitable for the block cipher.

   2.  A nonce N of 15-L octets.  Within the scope of any encryption key
       K, the nonce value MUST be unique.  That is, the set of nonce
       values used with any given key MUST NOT contain any duplicate
       values.  Using the same nonce for two different messages
       encrypted with the same key destroys the security properties of
       this mode.

   3.  The message m, consisting of a string of l(m) octets where 0
< Previous
Next >