UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ISO/IEC 9797-2

Information technology - Security techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-function

active, Most Current
Buy Now
Organization: ISO
Publication Date: 1 May 2011
Status: active
Page Count: 46
ICS Code (Information coding): 35.040
scope:

This part of ISO/IEC 9797 specifies three MAC algorithms that use a secret key and a hash-function (or its round-function) with an n-bit result to calculate an m-bit MAC. These mechanisms can be used as data integrity mechanisms to verify that data has not been altered in an unauthorized manner. They can also be used as message authentication mechanisms to provide assurance that a message has been originated by an entity in possession of the secret key. The strength of the data integrity and message authentication mechanisms is dependent on the entropy and secrecy of the key, on the length (in bits) n of a hash-code produced by the hash-function, on the strength of the hash-function, on the length (in bits) m of the MAC, and on the specific mechanism.

The three mechanisms specified in this part of ISO/IEC 9797 are based on the dedicated hash-functions specified in ISO/IEC 10118-3. The first mechanism is commonly known as MDx-MAC. It calls the hash-function once, but it makes a small modification to the round-function in the hash-function by adding a key to the additive constants in the round-function. The second mechanism is commonly known as HMAC. It calls the hash-function twice. The third mechanism is a variant of MDx-MAC that takes as input only short strings (at most 256 bits). It offers higher performance for applications that work with short input data strings only.

This part of ISO/IEC 9797 can be applied to the security services of any security architecture, process, or application.

NOTE A general framework for the provision of integrity services is specified in ISO/IEC 10181-6 [5].

Document History

ISO/IEC 9797-2
June 1, 2021
Information security — Message authentication codes (MACs) — Part 2: Mechanisms using a dedicated hash-function
This document specifies MAC algorithms that use a secret key and a hash-function (or its round-function or sponge function) to calculate an m-bit MAC. These mechanisms can be used as data integrity...
ISO/IEC 9797-2
May 1, 2011
Information technology - Security techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-function
This part of ISO/IEC 9797 specifies three MAC algorithms that use a secret key and a hash-function (or its round-function) with an n-bit result to calculate an m-bit MAC. These mechanisms can be used...
ISO/IEC 9797-2
May 1, 2011
Information technology - Security techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-function
— This part of ISO/IEC 9797 specifies three MAC algorithms that use a secret key and a hash-function (or its round-function) with an n-bit result to calculate an m-bit MAC. These mechanisms can be...
ISO/IEC 9797-2
June 1, 2002
Information Technology - Security Techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms Using a Dedicated Hash-Function
A description is not available for this item.

References

This document references:
ISO/IEC 18033-1 - Information technology - Security techniques - Encryption algorithms - Part 1: General
Published by ISO on August 1, 2015
This part of ISO/IEC 18033 is general in nature, and provides definitions that apply in subsequent parts of this International Standard. The nature of encryption is introduced, and certain general...
This document references:
ISO/IEC 7498-2 - Information Processing Systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture
Published by ISO on February 15, 1989
Scope and field of application This part of ISO 7498: a) provides a general description of security services and related mechanisms, which may be provided by the Reference Model; and b) defines the...
This document references:
ISO/IEC 18033-1 - Information technology - Security techniques - Encryption algorithms - Part 1: General
Published by ISO on August 1, 2015
This part of ISO/IEC 18033 is general in nature, and provides definitions that apply in subsequent parts of this International Standard. The nature of encryption is introduced, and certain general...
This document references:
ISO/IEC 9797-1 AMD 1 - Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher AMENDMENT 1
Published by ISO on August 1, 2023
A description is not available for this item.
This document references:
ISO/IEC 646 - Information Technology - ISO 7-Bit Coded Character Set for Information Interchange
Published by ISO on December 15, 1991
This International Standard specifies a set of 128 characters, (control characters and graphic characters such as letters, digits and symbols) with their coded representation. Most of these...
This document references:
ISO/IEC 18032 - Information security — Prime number generation
Published by ISO on December 1, 2020
This document specifies methods for generating and testing prime numbers as required in cryptographic protocols and algorithms. Firstly, this document specifies methods for testing whether a given...
This document is referenced by:
BS ISO/IEC 13888-1 - Information security — Non-repudiation Part 1: General
Published by BSI on September 30, 2020
A description is not available for this item.
This document is referenced by:
ISO 16609 - Financial services — Requirements for message authentication using symmetric techniques
Published by ISO on March 15, 2012
This International Standard specifies procedures, independent of the transmission process, for protecting the integrity of transmitted banking messages and for verifying that a message has originated...
This document is referenced by:
ITU-T X.603.1 - Information technology – Relayed multicast protocol: Specification for simplex group applications Amendment 1: Security extensions
Published by ITU-T on November 1, 2009
A description is not available for this item.
This document is referenced by:
CEI EN 50159 - Railway applications - Communication, signalling and processing systems - Safety-related communication in transmission systems
Published by CEI on February 1, 2012
This European Standard is applicable to safety-related electronic systems using for digital communication purposes a transmission system which was not necessarily designed for safety-related...
This document is referenced by:
TS 133 105 - Universal Mobile Telecommunications System (UMTS); LTE; 3G Security; Cryptographic algorithm requirements
Published by ETSI on April 1, 2022
This specification constitutes a requirements specification for the security functions which may be used to provide the network access security features defined in [1]. The specification covers the...
View Less
View All
Advertisement