ISO/IEC 9797-2:2002 PDF

Standard No.: ISO/IEC 9797-2:2002
Release Date: 2002
Published By: International Organization for Standardization (ISO)
Status: Withdraw
Replace By: ISO/IEC 9797-2:2011
Latest: ISO/IEC 9797-2:2021

Scope: This part of ISO/IEC 9797 specifies three MAC algo-rithms that use a secret key and a hash-function (or its round-function) with an n-bit result to calculate an m-bit MAC. These mechanisms can be used as data integrity mechanisms to verify that data has not been altered in an unauthorised manner. They can also be used as message authentication mechanisms to provide assurance that a message has been originated by an en-tity in possession of the secret key. The strength of the data integrity mechanism and message authentication mechanism is dependent on the length (in bits) k and secrecy of the key, on the length (in bits) n of a hash-code produced by the hash-function, on the strength of the hash-function, on the length (in bits) m of the MAC, and on the specific mechanism. The three mechanisms specified in this part of ISO/IEC 9797 are based on the dedicated hash-functions specified in ISO/IEC 10118-3. The first mech-anism specified in this part of ISO/IEC 9797 is com-monly known as MDx-MAC. It calls the complete hash-function once, but it makes a small modification to the round-function by adding a key to the additive constants in the round-function. The second mechanism specified in this part of ISO/IEC 9797 is commonly known as HMAC. It calls the complete hash-function twice. The third mechanism specified in this part of ISO/IEC 9797 is a variant of MDx-MAC that takes as input only short strings (at most 256 bits). It offers a higher performance for applications that work with short input strings only. This part of ISO/IEC 9797 can be applied to the se-curity services of any security architecture, process, or application.

ISO/IEC 9797-2:2002 history

2021 ISO/IEC 9797-2:2021 Information security -- Message authentication codes (MACs)-- Part 2:Mechanisms using a dedicated hash-function
2011 ISO/IEC 9797-2:2011/Cor 1:2011 Information technology — Security techniques — Message Authentication Codes (MACs) — Part 2: Mechanisms using a dedicated hash-function
2011 ISO/IEC 9797-2:2011 Information technology - Security techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-function
2002 ISO/IEC 9797-2:2002 Information technology - Security techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-function

ISO/IEC 9797-2:2002Information technology - Security techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-function

ISO/IEC 9797-2:2002 history

ISO/IEC 9797-2:2002
Information technology - Security techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-function