• Shopping Cart
    There are no items in your cart

AS ISO/IEC 9797.2:2019

Current

Current

The latest, up-to-date edition.

Information technology - Security techniques - Message Authentication Codes (MACs) Mechanisms using a dedicated hash-function

Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Language(s)

English

Published date

16-10-2019

€111.46
Excluding VAT

The objective of this Standard is to specify three MAC algorithms that use a secret key and a hash-function (or its round-function) with an n-bit result to calculate an m-bit MAC. These mechanisms can be used as data integrity mechanisms to verify that data has not been altered in an unauthorized manner. They can also be used as message authentication mechanisms to provide assurance that a message has been originated by an entity in possession of the secret key. The strength of the data integrity and message authentication mechanisms is dependent on the entropy and secrecy of the key, on the length (in bits) n of a hash-code produced by the hash-function, on the strength of the hash-function, on the length (in bits) m of the MAC, and on the specific mechanism.

Committee
IT-005
DocumentType
Standard
ISBN
978 1 76072 560 0
Pages
39
PublisherName
Standards Australia
Status
Current
Supersedes

This part of ISO/IEC 9797 specifies three MAC algorithms that use a secret key and a hash-function (or its round-function) with an n-bit result to calculate an m-bit MAC. These mechanisms can be used as data integrity mechanisms to verify that data has not been altered in an unauthorized manner. They can also be used as message authentication mechanisms to provide assurance that a message has been originated by an entity in possession of the secret key. The strength of the data integrity and message authentication mechanisms is dependent on the entropy and secrecy of the key, on the length (in bits) n of a hash-code produced by the hash-function, on the strength of the hash-function, on the length (in bits) m of the MAC, and on the specific mechanism.
The three mechanisms specified in this part of ISO/IEC 9797 are based on the dedicated hash-functions specified in ISO/IEC 10118-3. The first mechanism is commonly known as MDx-MAC. It calls the hash-function once, but it makes a small modification to the round-function in the hash-function by adding a key to the additive constants in the round-function. The second mechanism is commonly known as HMAC. It calls the hash-function twice. The third mechanism is a variant of MDx-MAC that takes as input only short strings (at most 256 bits). It offers higher performance for applications that work with short input data strings only.
This part of ISO/IEC 9797 can be applied to the security services of any security architecture, process, or application.
NOTE A general framework for the provision of integrity services is specified in ISO/IEC 10181-6 [5].

Standards Relationship
ISO/IEC 9797-2:2011 Identical

Originated as AS 2805.4.2-2001.
Previous edition 2006.
Revised and redesignated as AS ISO/IEC 9797.2:2019.

ISO/IEC 9797-1:2011 Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a block cipher
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 646:1991 Information technology ISO 7-bit coded character set for information interchange
ISO/IEC 10181-6:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Integrity framework
ISO/IEC 18032:2005 Information technology Security techniques Prime number generation
ISO/IEC 10118-1:2000 Information technology Security techniques Hash-functions Part 1: General
ISO/IEC 10118-3:2004 Information technology Security techniques Hash-functions Part 3: Dedicated hash-functions
ISO/IEC 10118-3:2004/Amd 1:2006 Information technology Security techniques Hash-functions Part 3: Dedicated hash-functions Amendment 1: Dedicated Hash-Function 8 (SHA-224)

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.