Digest-DMAC


DMAC.pm  view on Meta::CPAN

package Digest::DMAC;

use diagnostics;
use strict;
use warnings;
use Carp;
use Crypt::CBC;
use MIME::Base64;
use Exporter;
use vars qw($VERSION @EXPORT_OK @ISA);
$VERSION = '1.1.4';
@ISA = ('Exporter');
@EXPORT_OK = qw(dmac hexdigest base64digest);

sub createcipher
{
    my ($key, $iv, $cipher) = @_;
    my $cipher_obj = Crypt::CBC->new({'key' => $key,
                                      'cipher' => $cipher,
                                      'iv' => $iv,
                                      'regenerate_key' => 1,
                                      'padding' => 'standard',
                                      'prepend_iv' => 0});
    return $cipher_obj;
}

sub createsubkey
{

DMAC.pm  view on Meta::CPAN


__END__

=head1 NAME

Digest::DMAC

=head1 REVISION

Please use Digest::EMAC instead. EMAC is now the official name of
Double CBC MAC.

=head1 EXAMPLE 1

    use Digest::DMAC qw(dmac hexdigest base64digest);

    print "Enter key: ";
    my $key = <STDIN>;
    chomp $key;

    print "Enter cipher: ";

DMAC.pm  view on Meta::CPAN

    }

=head1 DESCRIPTION

This is B<Encrypted MAC> (B<EMAC>), also known as B<Double MAC>
(B<DMAC>). Unlike B<HMAC>, which reuses an existing one-way hash
function, such as B<MD5>, B<SHA-1> or B<RIPEMD-160>, EMAC reuses an
existing block cipher to produce a secure B<message authentication
code> (B<MAC>).

Using the block cipher, a message is encrypted in B<CBC mode>. The last
ciphertext block is taken as the MAC of the message. For fixed-length
messages, this method is provably secure. In reality, however, messages
have arbitrary lengths, and for them this method is not secure. To make
secure MACs for variable-length messages, the last block is encrypted
once again
with a different key. The security of this construction has been proved
in the paper, ``CBC MAC for Real-Time Data Sources'' by Erez Petrank
and Charles Rackoff. The security can be proved on the assumption that
the underlying block cipher is pseudo-random.

The performance and key-agility of EMAC are reasonable. EMAC is
preferable for short messages because its block length is smaller
than that of schemes based on a hash function. EMAC was also chosen
as one of the NESSIE winners for Message Authentication Codes, along
with B<UMAC>, B<TTMAC> and B<HMAC>. The current NESSIE specification
chooses B<AES> as the block cipher.

Also specified in the paper by Petrank and Rackoff is the construction
of two encryption keys from a single key. The first subkey is derived
by encrypting `0' (zero) using the original secret key. To produce the
second subkey, a `1' (one) is encrypted using the original secret key.
The first subkey is used in CBC mode to encrypt the entire message. The
last ciphertext block is then re-encrypted with the second subkey. The
result is a MAC whose length is equal to the block length of the cipher
used.

=head1 PREREQUISITES

The module B<Crypt::CBC> is required, plus any block cipher that is
capable of returning its block size when queried. B<RC5> is not
supported, however, because its block size is variable.

B<MIME::Base64> is also required for base64 encoding of output.

=head1 LICENSE

This program is free software; you can redistribute it or modify it
under the terms of the GNU General Public License. 

META.yml  view on Meta::CPAN

#XXXXXXX This is a prototype!!!  It will change in the future!!! XXXXX#
name:         Digest-DMAC
version:      1.1.4
version_from: DMAC.pm
installdirs:  site
requires:
    Crypt::CBC:                    2.08
    MIME::Base64:                  0

distribution_type: module
generated_by: ExtUtils::MakeMaker version 6.10_03

Makefile.PL  view on Meta::CPAN

use ExtUtils::MakeMaker;

WriteMakefile (
    'AUTHOR' => 'Julius C. Duque',
    'ABSTRACT' => 'A MAC that uses an existing block cipher',
    'NAME' => 'Digest::DMAC',
    'VERSION_FROM' => 'DMAC.pm',
    'PREREQ_PM' => {'Crypt::CBC' => '2.08',
                    'MIME::Base64' => '0'},
    'LIBS' => [''],
    'DEFINE' => '',
    'INC' => '',
    'dist' => {'COMPRESS' => 'gzip -9f', 'SUFFIX' => 'gz'}
);

README  view on Meta::CPAN

DESCRIPTION

This is Encrypted MAC (EMAC), formerly known as Double MAC (DMAC).
Unlike HMAC, which reuses an existing one-way hash function, such as
MD5, SHA-1 or RIPEMD-160, EMAC reuses an existing block cipher to
produce a secure message authentication code (MAC).

Using the block cipher, a message is encrypted in CBC mode. The last
ciphertext block is taken as the MAC of the message. For fixed-length
messages, this method is provably secure. In reality, however, messages
have arbitrary lengths, and for them this method is not secure. To make
secure MACs for variable-length messages, the last block is encrypted
once again
with a different key. The security of this construction has been proved
in the paper, ``CBC MAC for Real-Time Data Sources'' by Erez Petrank
and Charles Rackoff. The security can be proved on the assumption that
the underlying block cipher is pseudo-random.

The performance and key-agility of EMAC are reasonable. EMAC is
preferable for short messages because its block length is smaller
than that of schemes based on a hash function. EMAC was also chosen
as one of the NESSIE winners for Message Authentication Codes, along
with UMAC, TTMAC and HMAC. The current NESSIE specification chooses
AES as the block cipher.

Also specified in the paper by Petrank and Rackoff is the construction
of two encryption keys from a single key. The first subkey is derived
by encrypting `0' (zero) using the original secret key. To produce the
second subkey, a `1' (one) is encrypted using the original secret key.
The first subkey is used in CBC mode to encrypt the entire message. The
last ciphertext block is then re-encrypted with the second subkey. The
result is a MAC whose length is equal to the block length of the cipher
used.
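
The construction described in the DESCRIPTION sections of DMAC.pm and this README, as an added Python example that is not code from Digest::DMAC: it computes a plain CBC MAC and an EMAC over the same message and shows that a spliced variable-length message keeps a valid plain CBC MAC tag but fails EMAC verification. Assumptions: the toy Feistel cipher `E` stands in for a real block cipher, `0' and `1' are encoded as 16-byte big-endian integers, the IV is zero, and messages are whole blocks (padding omitted).

```python
import hashlib
import hmac

BLOCK = 16  # block size in bytes of the stand-in cipher

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def E(key, block):
    """Toy 4-round Feistel permutation; a stand-in for a real block cipher."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def cbc_last_block(key, msg):
    """CBC-encrypt msg (whole blocks, zero IV); return the last ciphertext block."""
    if not msg or len(msg) % BLOCK:
        raise ValueError("message must be a non-empty multiple of BLOCK bytes")
    state = bytes(BLOCK)
    for i in range(0, len(msg), BLOCK):
        state = E(key, xor(state, msg[i:i + BLOCK]))
    return state

def emac(key, msg):
    """Subkeys from encrypting 0 and 1; CBC under the first, re-encrypt under the second."""
    k1 = E(key, (0).to_bytes(BLOCK, "big"))  # assumed encoding of `0'
    k2 = E(key, (1).to_bytes(BLOCK, "big"))  # assumed encoding of `1'
    return E(k2, cbc_last_block(k1, msg))

def splice(msg, tag):
    """msg || (first block xor tag) || rest: a longer message with the same plain CBC MAC."""
    return msg + xor(msg[:BLOCK], tag) + msg[BLOCK:]

def demo():
    key = b"constructed demo key"
    msg = b"PAY 0000100 EUR " + b"TO ACCOUNT 12345"  # constructed, two blocks
    plain_tag = cbc_last_block(key, msg)
    emac_tag = emac(key, msg)
    # Verifier's view: does the spliced message still verify under the old tag?
    plain_accepts = hmac.compare_digest(
        cbc_last_block(key, splice(msg, plain_tag)), plain_tag)
    emac_accepts = hmac.compare_digest(emac(key, splice(msg, emac_tag)), emac_tag)
    return plain_accepts, emac_accepts

if __name__ == "__main__":
    print(demo())
```

The second encryption hides the CBC chaining value from anyone who only sees tags, which is what the splice depends on.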

EXAMPLES

Sample scripts are found in the directory "example". In particular,
the script multiple-files is used as follows:

    ./multiple-files file1 file2 file3 ...

where "file1", "file2", "file3", and so on, are the argument files.

PREREQUISITES

The module Crypt::CBC is required, plus any block cipher that is
capable of returning its block size when queried. RC5 is not supported,
however, because its block size is variable.

MIME::Base64 is also required for base64 encoding of output.

LICENSE

This program is free software; you can redistribute it or modify it
under the terms of the GNU General Public License. 


