Formal Security Proof of CMAC and Its Variants

Abstract: The CMAC standard, when initially proposed by Iwata and Kurosawa as OMAC1, was equipped with a complex game-based security proof. Following recent advances in formal verification for game-based security proofs, we formalize a proof of unforgeability for CMAC in EasyCrypt. A side effect of this proof includes improvements and extensions to EasyCrypt's standard libraries. This formal proof obtains security bounds very similar to Iwata and Kurosawa's for CMAC, but also proves secure a certain number of intermediate constructions of independent interest, including ECBC, FCBC and XCBC. This work represents one more step in the direction of obtaining a reliable set of independently verifiable evidence for the security of international cryptographic standards.
Document type: Conference papers
Contributor: Benjamin Gregoire
Submitted on: Tuesday, December 18, 2018 - 6:02:51 PM
Last modification on: Thursday, February 7, 2019 - 3:36:35 PM
Document(s) archived on: Wednesday, March 20, 2019 - 9:16:09 AM

HAL Id: hal-01959554, version 1

Cécile Baritel-Ruet, François Dupressoir, Pierre-Alain Fouque, Benjamin Grégoire. Formal Security Proof of CMAC and Its Variants. CSF 2018 - 31st IEEE Computer Security Foundations Symposium, Jul 2018, Oxford, United Kingdom. ⟨hal-01959554⟩