ISO IEC 9797-2:2021 pdf download – Information security — Message authentication codes (MACs) — Part 2: Mechanisms using a dedicated hash- function.
1 Scope This document specifies MAC algorithms that use a secret key and a hash-function (or its round- function or sponge function) to calculate an m-bit MAC. These mechanisms can be used as data integrity mechanisms to verify that data has not been altered in an unauthorized manner. NOTE A general framework for the provision of integrity services is specified in ISO/IEC 10181-6. 2 Normative references The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 10118-3, IT Security techniques — Hash-functions — Part 3: Dedicated hash-functions 3 Terms and definitions For the purposes of this document, the following terms and definitions apply. ISO and IEC maintain terminological databases for use in standardization at the following addresses: — ISO Online browsing platform: available at https://www.iso .org/obp — IEC Electropedia: available at http://www.electropedia .org/ 3.1 block bit-string of length L 1 , i.e. the length of the first input to the round-function [SOURCE: ISO/IEC 10118-3:2018, 3.1] 3.2 entropy measure of the disorder, randomness or variability in a closed system Note 1 to entry: The entropy of a random variable X is a mathematical measure of the amount of information provided by an observation of X . [SOURCE: ISO/IEC 18031:2011, 3.11] 3.3 input data string string of bits which is the input to a MAC algorithm
3.4 hash-code string of bits which is the output of a hash-function [SOURCE: ISO/IEC 10118-1:2016, 3.3] 3.5 hash-function function which maps strings of bits of variable (but usually upper bounded) length to fixed-length strings of bits, satisfying the following two properties: — for a given output, it is computationally infeasible to find an input which maps to this output; — for a given input, it is computationally infeasible to find a second input which maps to the same output Note 1 to entry: Computational infeasibility depends on the specific security requirements and environment. Refer to ISO/IEC 10118-1:2016, Annex C. [SOURCE: ISO/IEC 10118-1:2016, 3.4, modified — “feasability” in Note 1 to entry changed to “infeasability”.] 3.6 initializing value value used in defining the starting point of a hash-function [SOURCE: ISO/IEC 10118-1:2016, 3.5, modified — Note 1 to entry removed] 3.7 MAC algorithm key key that controls the operation of a MAC algorithm [SOURCE: ISO/IEC 9797-1:2011, 3.8] 3.8 message authentication code MAC string of bits which is the output of a MAC algorithm Note 1 to entry: A MAC is sometimes called a cryptographic check value (see for example ISO 7498-2 ). [SOURCE: ISO/IEC 9797-1:2011, 3.9]