Skip to content
Please enter a keyword to search

  • ISO/IEC 9797-2:2011

    View superseded by
    Withdrawn A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
    View superseded by

    Information technology Security techniques Message Authentication Codes (MACs) Part 2: Mechanisms using a dedicated hash-function

    Available format(s):  Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users

    Withdrawn date:  16-07-2021

    Language(s):  English

    Published date:  02-05-2011

    Publisher:  International Organization for Standardization

    Add To Cart

    Abstract - (Show below) - (Hide below)

    Message Authentication Code (MAC) algorithms are data integrity mechanisms that compute a short string (the Message Authentication Code or MAC) as a complex function of every bit of the data and of a secret key. Their main security property is unforgeability: someone who does not know the secret key should not be able to predict the MAC on any new data string.

    MAC algorithms can be used to provide data integrity. Their purpose is the detection of any unauthorized modification of the data such as deletion, insertion, or transportation of items within data. This includes both malicious and accidental modifications. MAC algorithms can also provide data origin authentication. This means that they can provide assurance that a message has been originated by an entity in possession of a specific secret key.

    ISO/IEC 9797-2:2011 specifies three MAC algorithms that are based on a dedicated hash-function (selected from ISO/IEC 10118-3).

    ISO/IEC 9797-2:2011 specifies three MAC algorithms that use a secret key and a hash-function (or its round-function) with an n-bit result to calculate an m-bit MAC.

    The strength of the data integrity mechanism and message authentication mechanism is dependent on the length (in bits) k and secrecy of the key, on the length (in bits) n of the hash-function and its strength, on the length (in bits) m of the MAC, and on the specific mechanism.

    The first mechanism specified in ISO/IEC 9797-2:2011 is commonly known as MDx-MAC. It calls the complete hash-function once, but it makes a small modification to the round-function by adding a key to the additive constants in the round-function. The second mechanism specified in ISO/IEC 9797-2:2011 is commonly known as HMAC. It calls the complete hash-function twice. The third mechanism specified in ISO/IEC 9797-2:2011 is a variant of MDx-MAC that takes as input only short strings (at most 256 bits). It offers a higher performance for applications that work with short input strings only.

    General Product Information - (Show below) - (Hide below)

    Development Note Together with ISO/IEC 9797-1 supersedes ISO/IEC 9797 (04/2004)
    Document Type Standard
    Publisher International Organization for Standardization
    Status Withdrawn
    Superseded By
    Supersedes

    Standards Referenced By This Book - (Show below) - (Hide below)

    15/30324800 DC : 0 BS ISO/IEC 16512-2 - INFORMATION TECHNOLOGY - RELAYED MULTICAST PROTOCOL: SPECIFICATION FOR SIMPLEX GROUP APPLICATIONS
    BS ISO 11568-4:2007 Banking. Key management (retail) Asymmetric cryptosystems. Key management and life cycle
    INCITS/ISO/IEC 9798-4 : 1999 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENTITY AUTHENTICATION - PART 4: MECHANISMS USING A CRYPTOGRAPHIC CHECK FUNCTION
    ISO/IEC 20648:2016 Information technology — TLS specification for storage systems
    I.S. EN ISO 12855:2015 ELECTRONIC FEE COLLECTION - INFORMATION EXCHANGE BETWEEN SERVICE PROVISION AND TOLL CHARGING (ISO 12855:2015)
    13/30293476 DC : 0 BS EN 62601 - INDUSTRIAL COMMUNICATION NETWORKS - WIRELESS COMMUNICATION NETWORK AND COMMUNICATION PROFILES - WIA-PA
    INCITS/ISO/IEC 15946-3 : 2002 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CRYPTOGRAPHIC TECHNIQUES BASED ON ELLIPTIC CURVES - PART 3: KEY ESTABLISHMENT
    DD IEC PAS 62601 : DRAFT MAR 2009 INDUSTRIAL COMMUNICATION NETWORKS - FIELDBUS SPECIFICATIONS - WIA-PA COMMUNICATION NETWORK AND COMMUNICATION PROFILE
    CAN/CSA-ISO/IEC 18033-2:06 (R2016) INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENCRYPTION ALGORITHMS - PART 2: ASYMMETRIC CIPHERS
    ISO/IEC 10118-1:2016 Information technology Security techniques Hash-functions Part 1: General
    I.S. EN 62734:2015 INDUSTRIAL NETWORKS - WIRELESS COMMUNICATION NETWORK AND COMMUNICATION PROFILES - ISA 100.11A
    BS ISO/IEC 9796-2:2010 Information technology. Security techniques. Digital signature schemes giving message recovery Integer factorization based mechanisms
    ISO/IEC 18033-2:2006 Information technology — Security techniques — Encryption algorithms — Part 2: Asymmetric ciphers
    ISO 11568-4:2007 Banking — Key management (retail) — Part 4: Asymmetric cryptosystems — Key management and life cycle
    CEN/TS 14821-5:2003 TRAFFIC AND TRAVEL INFORMATION (TTI) - TTI MESSAGES VIA CELLULAR NETWORKS - PART 5: INTERNAL SERVICES
    EN 62734:2015 Industrial networks - Wireless communication network and communication profiles - ISA 100.11a
    EN 62601:2016 Industrial networks - Wireless communication network and communication profiles - WIA-PA
    ISO/IEC 11770-5:2011 Information technology Security techniques Key management Part 5: Group key management
    CSA ISO/IEC 18033-2 :2006 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENCRYPTION ALGORITHMS - PART 2: ASYMMETRIC CIPHERS
    09/30202174 DC : 0 BS EN 50159 - RAILWAY APPLICATIONS - COMMUNICATION, SIGNALLING AND PROCESSING SYSTEMS - SAFETY RELATED COMMUNICATION IN TRANSMISSION SYSTEMS
    INCITS/ISO/IEC 9798-4 : 1999 : R2005 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENTITY AUTHENTICATION - PART 4: MECHANISMS USING A CRYPTOGRAPHIC CHECK FUNCTION
    ISO/IEC 9796-2:2010 Information technology Security techniques Digital signature schemes giving message recovery Part 2: Integer factorization based mechanisms
    10/30228327 DC : 0 BS ISO/IEC 18031 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - RANDOM BIT GENERATION
    ISO/IEC 16512-2:2016 Information technology Relayed multicast protocol: Specification for simplex group applications Part 2:
    12/30259506 DC : DRAFT JAN 2012 BS EN 62734 - INDUSTRIAL COMMUNICATION NETWORKS - FIELDBUS SPECIFICATIONS - WIRELESS SYSTEMS FOR INDUSTRIAL AUTOMATION: PROCESS CONTROL AND RELATED APPLICATIONS (BASED ON ISA 100.11A)
    ISO/IEC 11770-4:2017 Information technology — Security techniques — Key management — Part 4: Mechanisms based on weak secrets
    16/30288045 DC : 0 BS ISO/IEC 20009-4 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ANONYMOUS ENTITY AUTHENTICATION - PART 4: MECHANISMS BASED ON WEAK SECRETS
    18/30331887 DC : 0 BS ISO/IEC 20889 - INFORMATION TECHNOLOGY- SECURITY TECHNIQUES - PRIVACY ENHANCING DATA DE-IDENTIFICATION TECHNIQUES
    PD ISO/TR 14742:2010 Financial services. Recommendations on cryptographic algorithms and their use
    BS ISO/IEC 18367:2016 Information technology. Security techniques. Cryptographic algorithms and security mechanisms conformance testing
    INCITS/ISO/IEC 18033-2 : 2008 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENCRYPTION ALGORITHMS - PART 2: ASYMMETRIC CIPHERS
    ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
    BS ISO/IEC 18031 : 2011 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - RANDOM BIT GENERATION
    CAN/CSA-ISO/IEC 18367:18 Information technology — Security techniques — Cryptographic algorithms and security mechanisms conformance testing (Adopted ISO/IEC 18367:2016, first edition, 2016-12-15)
    I.S. EN 62601:2016 INDUSTRIAL NETWORKS - WIRELESS COMMUNICATION NETWORK AND COMMUNICATION PROFILES - WIA-PA
    PREN 50159 : DRAFT 2009 RAILWAY APPLICATIONS - COMMUNICATION, SIGNALLING AND PROCESSING SYSTEMS - SAFETY-RELATED COMMUNICATION IN TRANSMISSION SYSTEMS
    ISO/IEC 11889-1:2015 Information technology Trusted platform module library Part 1: Architecture
    CAN/CSA-ISO/IEC 20648:18 Information technology ? TLS specification for storage systems (Adopted ISO/IEC 20648:2016, first edition, 2016-03-01)
    ISO/IEC 18367:2016 Information technology Security techniques Cryptographic algorithms and security mechanisms conformance testing
    ISO/IEC 11889-2:2015 Information technology Trusted Platform Module Library Part 2: Structures
    04/30040717 DC : DRAFT JUL 2004 ISO/IEC 18033-2 - INFORMATION TECHNOLOGY - ENCRYPTION ALGORITHMS - PART 2: ASYMMETRIC CIPHERS
    BS ISO/IEC 16512-2:2016 Information technology. Relayed multicast protocol: Specification for simplex group applications
    09/30214048 DC : 0 BS ISO/IEC 9796-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - DIGITAL SIGNATURE SCHEMES GIVING MESSAGE RECOVERY - PART 2: INTEGER FACTORIZATION BASED MECHANISMS
    BS EN 50159:2010 Railway applications. Communication, signalling and processing systems. Safety-related communication in transmission systems
    BS ISO/IEC 20009-4:2017 Information technology. Security techniques. Anonymous entity authentication Mechanisms based on weak secrets
    14/30302807 DC : 0 BS ISO/IEC 11889-4 - INFORMATION TECHNOLOGY - TRUSTED PLATFORM MODULE - PART 4: SUPPORTING ROUTINES
    BS ISO/IEC 20648:2016 Information technology. TLS specification for storage systems
    BS EN ISO 12855:2015 Electronic fee collection. Information exchange between service provision and toll charging
    IEC PAS 62601:2009 Industrial communication networks - Fieldbus specifications - WIA-PA communication network and communication profile
    CAN/CSA-ISO/IEC 18031:13 (R2017) Information technology - Security techniques - Random bit generation (Adopted ISO/IEC 18031:2011, second edition, 2011-11-15)
    INCITS/ISO/IEC 11770-5 : 2012 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 5: GROUP KEY MANAGEMENT
    CSA ISO/IEC 18031 : 2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - RANDOM BIT GENERATION
    ISO 15764:2004 Road vehicles Extended data link security
    BS ISO 16609:2012 Financial services. Requirements for message authentication using symmetric techniques
    CAN/CSA-ISO/IEC 11889-4:16 Information technology Trusted Platform Module Library Part 4: Supporting Routines (Adopted ISO/IEC 11889-4:2015, second edition, 2015-12-15)
    BS ISO/IEC 11770-4:2017 Information technology. Security techniques. Key management Mechanisms based on weak secrets
    ISO/TR 14742:2010 Financial services Recommendations on cryptographic algorithms and their use
    UNE-EN 50159:2011 Railway applications - Communication, signalling and processing systems - Safety-related communication in transmission systems
    IEC 62734:2014 Industrial networks - Wireless communication network and communication profiles - ISA 100.11a
    CEI EN 50159 : 2012 RAILWAY APPLICATIONS - COMMUNICATION, SIGNALLING AND PROCESSING SYSTEMS - SAFETY-RELATED COMMUNICATION IN TRANSMISSION SYSTEMS
    14/30302798 DC : 0 BS ISO/IEC 11889-1 - INFORMATION TECHNOLOGY - TRUSTED PLATFORM MODULE - PART 1: ARCHITECTURE
    BS ISO/IEC 11770-5:2011 Information technology Security techniques. Key management Group key management
    BS IEC 62601:2011 Industrial communication networks. Fieldbus specifications. WIA-PA communication network and communication profile
    BS ISO/IEC 11889-4:2009 Information technology. Trusted platform module Commands
    DIN EN 62601:2016-10 Industrial networks - Wireless communication network and communication profiles - WIA-PA (IEC 62601:2015); English version EN 62601:2016
    10/30237107 DC : DRAFT DEC 2010 BS ISO/IEC 11770-5 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 5: GROUP KEY MANAGEMENT
    BS EN 62734:2015 Industrial networks. Wireless communication network and communication profiles. ISA 100.11a
    INCITS/ISO/IEC 18031 : 2012 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - RANDOM BIT GENERATION
    BS ISO/IEC 19790:2012 Information technology. Security techniques. Security requirements for cryptographic modules
    14/30302801 DC : 0 BS ISO/IEC 11889-2 - INFORMATION TECHNOLOGY - TRUSTED PLATFORM MODULE - PART 2: STRUCTURES
    15/30321754 DC : 0 BS ISO/IEC 20648 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - TLS SPECIFICATION FOR STORAGE SYSTEMS
    07/30173155 DC : 0 BS ISO/IEC 9798-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENTITY AUTHENTICATION - PART 2: MECHANISMS USING SYMMETRIC ENCIPHERMENT ALGORITHMS
    09/30207165 DC : 0 BS EN 62601 - INDUSTRIAL COMMUNICATION NETWORKS - FIELDBUS SPECIFICATIONS - WIA-PA COMMUNICATION NETWORK AND COMMUNICATION PROFILE
    16/30335688 DC : 0 BS ISO/IEC 11770-4 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 4: MECHANISMS BASED ON WEAK SECRETS
    ISO/IEC 18031:2011 Information technology Security techniques Random bit generation
    ISO/IEC 11889-4:2015 Information technology Trusted Platform Module Library Part 4: Supporting Routines
    IEC 62280:2014 Railway applications - Communication, signalling and processing systems - Safety related communication in transmission systems
    EN 50159:2010 Railway applications - Communication, signalling and processing systems - Safety-related communication in transmission systems
    ISO 12855:2015 Electronic fee collection Information exchange between service provision and toll charging
    IEC 62601:2015 Industrial networks - Wireless communication network and communication profiles - WIA-PA
    EN ISO 12855:2015 (edition 2) Electronic fee collection - Information exchange between service provision and toll charging (ISO 12855:2015)
    BS ISO/IEC 11889-1:2009 Information technology. Trusted platform module Overview
    11/30231411 DC : 0 BS ISO 16609 - FINANCIAL SERVICES - REQUIREMENTS FOR MESSAGE AUTHENTICATION USING SYMMETRIC TECHNIQUES
    CAN/CSA-ISO/IEC 10118-1:18 Information technology - Security techniques - Hash-functions - Part 1: General (Adopted ISO/IEC 10118-1:2016, third edition, 2016-10-15)
    BS ISO/IEC 11889-2:2009 Information technology. Trusted platform module Design principles
    PD ISO/IEC TR 29149:2012 Information technology. Security techniques. Best practices for the provision and use of time-stamping services
    BS ISO/IEC 18033-2 : 2006 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENCRYPTION ALGORITHMS - PART 2: ASYMMETRIC CIPHERS
    DD CEN/TS 14821-5:2003 Traffic and Travel Information (TTI). TTI messages via cellular networks Internal services
    CAN/CSA-ISO/IEC 16512-2:18 Information technology — Relayed multicast protocol: Specification for simplex group applications (Adopted ISO/IEC 16512-2:2016, third edition, 2016-04-01)
    BS ISO/IEC 10118-1:2016 Information technology. Security techniques. Hash-functions General
    CAN/CSA-ISO/IEC 11889-2:16 Information technology Trusted Platform Module Library Part 2: Structures (Adopted ISO/IEC 11889-2:2015, second edition, 2015-12-15)
    CAN/CSA-ISO/IEC 11889-1:16 Information technology Trusted Platform Module Library Part 1: Architecture (Adopted ISO/IEC 11889-1:2015, second edition, 2015-12-15)
    ISO/IEC 20009-4:2017 Information technology — Security techniques — Anonymous entity authentication — Part 4: Mechanisms based on weak secrets
    ISO 16609:2012 Financial services — Requirements for message authentication using symmetric techniques
    I.S. EN 50159:2010 RAILWAY APPLICATIONS - COMMUNICATION, SIGNALLING AND PROCESSING SYSTEMS - SAFETY-RELATED COMMUNICATION IN TRANSMISSION SYSTEMS
    ISO/IEC TR 29149:2012 Information technology Security techniques Best practices for the provision and use of time-stamping services

    Standards Referencing This Book - (Show below) - (Hide below)

    ISO/IEC 18032:2005 Information technology Security techniques Prime number generation
    ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
    ISO/IEC 10118-1:2016 Information technology Security techniques Hash-functions Part 1: General
    ISO/IEC 646:1991 Information technology ISO 7-bit coded character set for information interchange
    ISO/IEC 9797-1:2011 Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a block cipher
    ISO/IEC 10118-3:2004 Information technology Security techniques Hash-functions Part 3: Dedicated hash-functions
    ISO/IEC 10181-6:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Integrity framework
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective