[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: KMIP Spec v1.2 wd05: CMAC Mode Cryptographic Parameters
KMIP Spec v1.2 wd05 The table in Section 3.6 does not include cryptographic parameters that I think are necessary for successful interop when using keys for CMAC. A Cryptographic Parameter required for CMAC is Tlen, the length of the MAC output. NIST SP-800-38B test vectors have Tlen equal to 128 bits. The GlobalPlatform Card Specification 2.2 (for smart cards) states that Tlen is 8 octets (64 bits). RFC4494 (The AES-CMAC Algorithm and IPsec) states: "The output is a 96-bit MAC that will meet the default authenticator length as specified in [AH]" From the above examples, we can see that three different applications for CMAC use three different values for Tlen. A new Cryptographic Parameter, perhaps named "CMAC Tlen" would fix this problem. John ---------------------------------------------------------------------- John Leiseboer QuintessenceLabs Pty Ltd Chief technology Officer Suite 23, Physics Building #38 Phone: +61 7 5494 9291 (Qld) Science Road Phone: +61 2 6125 9498 (ACT) Australian National University Mobile: +61 409 487 510 Acton ACT 0200 Fax: +61 2 6125 7180 AUSTRALIA Email: JL@quintessencelabs.com www.quintessencelabs.com ----------------------------------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]