Package Cryptodome :: Package Hash :: Module CMAC

Module CMAC

CMAC (Cipher-based Message Authentication Code) algorithm

CMAC is a MAC defined in NIST SP 800-38B and in RFC4493 (for AES only) and constructed using a block cipher. It was originally known as OMAC1.

The algorithm is sometimes named X-CMAC where X is the name of the cipher (e.g. AES-CMAC).

This is an example showing how to create an AES-CMAC:

>>> from Cryptodome.Hash import CMAC
>>> from Cryptodome.Cipher import AES
>>>
>>> secret = b'Sixteen byte key'
>>> cobj = CMAC.new(secret, ciphermod=AES)
>>> cobj.update(b'Hello')
>>> print cobj.hexdigest()

And this is an example showing how to check an AES-CMAC:

>>> from Cryptodome.Hash import CMAC
>>> from Cryptodome.Cipher import AES
>>>
>>> # We have received a message 'msg' together
>>> # with its MAC 'mac'
>>>
>>> secret = b'Sixteen byte key'
>>> cobj = CMAC.new(secret, ciphermod=AES)
>>> cobj.update(msg)
>>> try:
>>>   cobj.verify(mac)
>>>   print "The message '%s' is authentic" % msg
>>> except ValueError:
>>>   print "The message or the key is wrong"

A cipher block size of 128 bits (like for AES) guarantees that the risk of MAC collisions remains negligeable even when the same CMAC key is used to authenticate a large amount of data (2^22 Gbytes).

This implementation allows also usage of ciphers with a 64 bits block size (like TDES) for legacy purposes only. However, the risk is much higher and one CMAC key should be rotated after as little as 16 MBytes (in total) have been authenticated.

Classes
  CMAC
Class that implements CMAC
Functions
 
new(key, msg=None, ciphermod=None, cipher_params=None)
Create a new CMAC object.
Variables
  digest_size = None
The size of the authentication tag produced by the MAC.
  __package__ = 'Cryptodome.Hash'
Function Details

new(key, msg=None, ciphermod=None, cipher_params=None)

 
Create a new CMAC object.
Parameters:
  • key (byte string) - secret key for the CMAC object. The key must be valid for the underlying cipher algorithm. For instance, it must be 16 bytes long for AES-128.
  • msg (byte string) - The very first chunk of the message to authenticate. It is equivalent to an early call to CMAC.update. Optional.
  • ciphermod (module) - A cipher module from Cryptodome.Cipher. The cipher's block size has to be 128 bits, like Cryptodome.Cipher.AES, to reduce the probability of collisions.
Returns:
A CMAC object