翻訳と辞書 Words near each other ・ CBC Summer Symphonies ・ CBC Symphony Orchestra ・ CBC Television ・ CBC Television (disambiguation) ・ CBC Television local newscasts ・ CBC Thunder Bay ・ CBC Toronto ・ CBC Tower ・ CBC Tower (Mont-Carmel) ・ CBC TV 8 (Barbados) ・ CBC Vancouver ・ CBC Windsor ・ CBC Winnipeg ・ CBC Winnipeg Orchestra ・ CBC-2 ・ CBC-MAC ・ CBC.ca ・ CBC2 ・ Cbca ・ CBCC ・ CBCE ・ CBCL ・ CBCL (MIT) ・ CBCL-FM ・ CBCM ・ CBCN ・ CBCP ・ CBCR ・ CBCS ・ CBCS (cable system) Dictionary Lists mini英和辞書 mini和英辞書 Webster 1913 Latin-English FOLDOC Wikipedia English ウィキペディア

翻訳と辞書　辞書検索 [ 開発暫定版 ] スポンサード リンク CBC-MAC ： ウィキペディア英語版 CBC-MAC In cryptography, a cipher block chaining message authentication code (CBC-MAC) is a technique for constructing a message authentication code from a block cipher. The message is encrypted with some block cipher algorithm in CBC mode to create a chain of blocks such that each block depends on the proper encryption of the previous block. This interdependence ensures that a change to any of the plaintext bits will cause the final encrypted block to change in a way that cannot be predicted or counteracted without knowing the key to the block cipher. To calculate the CBC-MAC of message $m$ one encrypts $m$ in CBC mode with zero initialization vector. The following figure sketches the computation of the CBC-MAC of a message comprising blocks $m\_1\backslash |m\_2\backslash |\backslash cdots\backslash |m\_x$ using a secret key $k$ and a block cipher $E$: ==Security with fixed and variable-length messages== If the block cipher used is secure (meaning that it is a pseudorandom permutation), then CBC-MAC is secure for fixed-length messages.〔M. Bellare, J. Kilian and P. Rogaway. (The security of the cipher block chaining message authentication code. ) JCSS 61(3):362–399, 2000.〕 However, by itself, it is not secure for variable-length messages. Thus, any single key must only be used for messages of a fixed and known length. This is because an attacker who knows the correct message-tag (i.e. CBC-MAC) pairs for two messages $(m,$ $t)$ and $(m\text{'},$ $t\text{'})$ can generate a third message $m\text{'}\text{'}$ whose CBC-MAC will also be $t\text{'}$. This is simply done by XORing the first block of $m\text{'}$ with $t$ and then concatenating $m$ with this modified $m\text{'}$; i.e., by making $m\text{'}\text{'}\; =\; m\; \backslash |\; (\backslash oplus\; t)\; \backslash |\; m\_2\text{'}\; \backslash |\; \backslash dots\; \backslash |\; m\_x\text{'})$. When computing the MAC for the message $m\text{'}\text{'}$, it follows that we compute the MAC for $m$ in the usual manner as $t$, but when this value is chained forwards to the stage computing $E\_\}(m\_1\text{'}\; \backslash oplus\; t\; \backslash oplus\; t)\; =\; E\_\{K\_\backslash text\{MAC\}\}(m\_1\text{'})$ and thus the tag for $m\text{'}\text{'}$ is $t\text{'}$. This problem cannot be solved by adding a message-size block to the end.〔 There are three main ways of modifying CBC-MAC so that it is secure for variable length messages: 1) Input-length key separation; 2) Length-prepending; 3) Encrypt last block.〔 In such a case, it may also be recommended to use a different mode of operation, for example, CMAC or HMAC to protect the integrity of variable-length messages. 抄文引用元・出典: フリー百科事典『 ウィキペディア（Wikipedia）』 ■ウィキペディアで「CBC-MAC」の詳細全文を読む スポンサード リンク 翻訳と辞書 : 翻訳のためのインターネットリソース Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.