[PATCH] Add CMAC mode (Cipher-based MAC)
Werner Koch
wk at gnupg.org
Thu Oct 31 16:01:32 CET 2013
On Thu, 31 Oct 2013 13:41, jussi.kivilinna at iki.fi said:
> Patch adds CMAC (Cipher-based MAC) mode as defined in RFC 4493 and NIST
> Special Publication 800-38B.
>
> Example of usage:
> /* Message 1 is split to two buffers, buf1_a and buf1_b. */
> gcry_cipher_setkey(h, key, len(key));
I wonder whether it is a good idea to put MAC algorithms into the cipher
module. It is a bit of surprise because a MAC has IMHO more of a hash
algorithm than of a cipher algorithm. Also, we already have HMAC in
gcry_md_*. Right, there is quite some overlap now with the
authenticated methods. The later are however justified in gcry_cipher
because their main purpose is encryption.
Opinions?
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gcrypt-devel
mailing list