Multos Forums

   

Generate AES CBC Signature

Rank

Total Posts: 7

Joined 2013-04-17

PM

According to MDRM there is Generate 3DES CBC signature functionality in the cards. I’m wondering whether this is signature/MAC functionality also available with the AES cipher. or will be?
This shouldn’t be that difficult, since the construct is the same, only using a different block cipher.

     
RankRankRank

Total Posts: 74

Joined 2012-02-21

PM

Hi Pim,

An effecient AES equivalent to the Generate Triple DES CBC Signature primitive is to use the Block Encipher primitive and specify OutputAddr to be the same as InputAddr. Take the last block of output as your signature.

If you don’t want to overwrite the input you have a couple options: a) use a separate output buffer (could be wasteful depending on the size of the message) or b) call the primitive once per block and use the IV input (could be slower).

Otherwise, yes, if there’s a demand for it a new primitive could be added.
Regards,
Chris.

     
Rank

Total Posts: 7

Joined 2013-04-17

PM

Actually, I didn’t check the specifications correctly. The signature/mac I’m looking for is AES-CMAC. This is the standardised AES mac algorithm. But from you answer I guess I’ll have to implement it myself.