8-byte CMAC

  • 1. August 2017 at 21:51
    Hi,
    I'm in AN1823, step 5 of the example of switching to AV2 mode, following all the sugested values.
    All has runnig well up to step 4.
    About, step 5, I've tries follow theh procedures to calulate the CMAC published in NIST 800-38B without obtaning the example data for that step in AN1823.
    Up to now I've verifies an correctly the generation of K1 & k2 form Kx.
    Any help will be very appreciate.
    Thanks & regards,
    Claudio.

    + 0  |  - 0

    Re: 8-byte CMAC

    2. August 2017 at 14:24
    Hi Claudio,

    Section 3.1.3.1 of AN1823 shows the switch to AV2 mode. In step 5 a “reduced” CMAC is used. The CMAC is a 16 byte value and for step 5 only the odd bytes are used to perform an 8 byte vector like:

    CMAC(C8E7F707455E194F015E7F3503000000) = A509E6108ADBDB49CC831A02680DE82E
    Step 5 takes odd bytes: 09 10 DB 49 83 02 0D 2E

    Regards,
    The TapLinx team
    + 0  |  - 0

    Re: 8-byte CMAC

    2. August 2017 at 14:35
    Thank you for your answer.

    I followed the referred NIST calculation algorithms 800-38B by AN1823 and DS 164555 and reproduced correctly the cited examples. But, I do not get from AN1823 3.1.3.1., Step 4, reproduce the result you describe (A509E6108ADBDB49CC831A02680DE82E). I attached the exits of my test program:

    --------------------------------------------------
    K 01020304 05060708 09101112 13141516

    Subkey Generation
    AES_128(key,0) c7fa1346 528c9a2e f2026f8e 095f7273
    K1 d2c13e19 b9c613a9 02c0615a debee461
    K2 a5827c33 738c2752 0580c2b5 bd7dc845

    Example 2: len = 8
    M c8e7f707 455e194f 015e7f35 03000000
    AES_CMAC 5bc95519 d3050dea 3cdf9abb 41349dac

    Example 2: len = 16
    M c8e7f707 455e194f 015e7f35 03000000
    AES_CMAC abe61493 d592fd1d dc4f6d82 ca336308

    Any help will be appreciate.
    Thank you.
    Claudio

    + 0  |  - 0

    Re: 8-byte CMAC

    2. August 2017 at 15:48
    Hi Claudio,

    With my sample above I use the same key as in the example on page 17. Here it is important that you always pad the message to a multiple of 16 bytes!

    For instance, on the same page in step 11 I get:
    CMAC(000102030405060708090A0B03000000) = 50F5BE520E30E261CD55463A38DDA0E0

    With is reduced to:
    F5523061553ADDE0

    If you get other values, you should check your CMAC implementation.

    Regards,
    The TapLinx team

    + 0  |  - 0

    Re: 8-byte CMAC

    2. August 2017 at 16:17
    Hello again,

    Yes, I am using the information on page 17, (Secret key (Kx) = 01020304050607080910111213141516), and as a message the one specified in step 4 (c8e7f707 455e194f 015e7f35 03000000), paddes to 16 bytes.


    The enrollment algorithm is based on AES128 and corroborates that specified by the documentation of Ref. 23 and Ref. 24 of document DS164535 ("P5DF081 MIFARE secure access module SAM AV2."). That is, the output data corroborates all the examples presented in the NIST document 800-38B.

    Obviously, there is some detail, or process, that I am not following correctly. If possible, please refer me to any documents I can use to solve the CMAC calculation.

    Thank you again and regards,

    Cladio
    + 0  |  - 0

    Re: 8-byte CMAC

    2. August 2017 at 19:29
    Hello,
    The problem was solved.
    As you said before, the error was in the implementation of the algorithm.
    Thank you and regards,
    Claudio
    + 0  |  - 0
Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.