Customer Support: 131 242

  • There are no items in your cart
We noticed you’re not on the correct regional site. Switch to our AMERICAS site for the best experience.
Dismiss alert

ISO/IEC 9797-2:2011

Withdrawn

Withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

View Superseded by

Information technology Security techniques Message Authentication Codes (MACs) Part 2: Mechanisms using a dedicated hash-function

Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Withdrawn date

16-07-2021

Superseded by

ISO/IEC 9797-2:2021

Language(s)

English

Published date

02-05-2011

$118.72
Including GST where applicable

Message Authentication Code (MAC) algorithms are data integrity mechanisms that compute a short string (the Message Authentication Code or MAC) as a complex function of every bit of the data and of a secret key. Their main security property is unforgeability: someone who does not know the secret key should not be able to predict the MAC on any new data string.

MAC algorithms can be used to provide data integrity. Their purpose is the detection of any unauthorized modification of the data such as deletion, insertion, or transportation of items within data. This includes both malicious and accidental modifications. MAC algorithms can also provide data origin authentication. This means that they can provide assurance that a message has been originated by an entity in possession of a specific secret key.

ISO/IEC 9797-2:2011 specifies three MAC algorithms that are based on a dedicated hash-function (selected from ISO/IEC 10118-3).

ISO/IEC 9797-2:2011 specifies three MAC algorithms that use a secret key and a hash-function (or its round-function) with an n-bit result to calculate an m-bit MAC.

The strength of the data integrity mechanism and message authentication mechanism is dependent on the length (in bits) k and secrecy of the key, on the length (in bits) n of the hash-function and its strength, on the length (in bits) m of the MAC, and on the specific mechanism.

The first mechanism specified in ISO/IEC 9797-2:2011 is commonly known as MDx-MAC. It calls the complete hash-function once, but it makes a small modification to the round-function by adding a key to the additive constants in the round-function. The second mechanism specified in ISO/IEC 9797-2:2011 is commonly known as HMAC. It calls the complete hash-function twice. The third mechanism specified in ISO/IEC 9797-2:2011 is a variant of MDx-MAC that takes as input only short strings (at most 256 bits). It offers a higher performance for applications that work with short input strings only.

DevelopmentNote
Together with ISO/IEC 9797-1 supersedes ISO/IEC 9797 (04/2004)
DocumentType
Standard
Pages
39
PublisherName
International Organization for Standardization
Status
Withdrawn
SupersededBy
Supersedes

15/30324800 DC : 0 BS ISO/IEC 16512-2 - INFORMATION TECHNOLOGY - RELAYED MULTICAST PROTOCOL: SPECIFICATION FOR SIMPLEX GROUP APPLICATIONS
BS ISO 11568-4:2007 Banking. Key management (retail) Asymmetric cryptosystems. Key management and life cycle
INCITS/ISO/IEC 9798-4 : 1999 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENTITY AUTHENTICATION - PART 4: MECHANISMS USING A CRYPTOGRAPHIC CHECK FUNCTION
ISO/IEC 20648:2016 Information technology — TLS specification for storage systems
I.S. EN ISO 12855:2015 ELECTRONIC FEE COLLECTION - INFORMATION EXCHANGE BETWEEN SERVICE PROVISION AND TOLL CHARGING (ISO 12855:2015)
13/30293476 DC : 0 BS EN 62601 - INDUSTRIAL COMMUNICATION NETWORKS - WIRELESS COMMUNICATION NETWORK AND COMMUNICATION PROFILES - WIA-PA
INCITS/ISO/IEC 15946-3 : 2002 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CRYPTOGRAPHIC TECHNIQUES BASED ON ELLIPTIC CURVES - PART 3: KEY ESTABLISHMENT
DD IEC PAS 62601 : DRAFT MAR 2009 INDUSTRIAL COMMUNICATION NETWORKS - FIELDBUS SPECIFICATIONS - WIA-PA COMMUNICATION NETWORK AND COMMUNICATION PROFILE
CAN/CSA-ISO/IEC 18033-2:06 (R2016) INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENCRYPTION ALGORITHMS - PART 2: ASYMMETRIC CIPHERS
ISO/IEC 10118-1:2016 Information technology Security techniques Hash-functions Part 1: General
I.S. EN 62734:2015 INDUSTRIAL NETWORKS - WIRELESS COMMUNICATION NETWORK AND COMMUNICATION PROFILES - ISA 100.11A
BS ISO/IEC 9796-2:2010 Information technology. Security techniques. Digital signature schemes giving message recovery Integer factorization based mechanisms
ISO/IEC 18033-2:2006 Information technology — Security techniques — Encryption algorithms — Part 2: Asymmetric ciphers
ISO 11568-4:2007 Banking — Key management (retail) — Part 4: Asymmetric cryptosystems — Key management and life cycle
CEN/TS 14821-5:2003 Traffic and Travel Information (TTI) - TTI messages via cellular networks - Part 5: Internal services
EN 62734:2015 Industrial networks - Wireless communication network and communication profiles - ISA 100.11a
EN 62601:2016 Industrial networks - Wireless communication network and communication profiles - WIA-PA
ISO/IEC 11770-5:2011 Information technology Security techniques Key management Part 5: Group key management
CSA ISO/IEC 18033-2 :2006 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENCRYPTION ALGORITHMS - PART 2: ASYMMETRIC CIPHERS
09/30202174 DC : 0 BS EN 50159 - RAILWAY APPLICATIONS - COMMUNICATION, SIGNALLING AND PROCESSING SYSTEMS - SAFETY RELATED COMMUNICATION IN TRANSMISSION SYSTEMS
INCITS/ISO/IEC 9798-4 : 1999 : R2005 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENTITY AUTHENTICATION - PART 4: MECHANISMS USING A CRYPTOGRAPHIC CHECK FUNCTION
ISO/IEC 9796-2:2010 Information technology Security techniques Digital signature schemes giving message recovery Part 2: Integer factorization based mechanisms
10/30228327 DC : 0 BS ISO/IEC 18031 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - RANDOM BIT GENERATION
ISO/IEC 16512-2:2016 Information technology Relayed multicast protocol: Specification for simplex group applications Part 2:
12/30259506 DC : DRAFT JAN 2012 BS EN 62734 - INDUSTRIAL COMMUNICATION NETWORKS - FIELDBUS SPECIFICATIONS - WIRELESS SYSTEMS FOR INDUSTRIAL AUTOMATION: PROCESS CONTROL AND RELATED APPLICATIONS (BASED ON ISA 100.11A)
ISO/IEC 11770-4:2017 Information technology — Security techniques — Key management — Part 4: Mechanisms based on weak secrets
16/30288045 DC : 0 BS ISO/IEC 20009-4 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ANONYMOUS ENTITY AUTHENTICATION - PART 4: MECHANISMS BASED ON WEAK SECRETS
18/30331887 DC : 0 BS ISO/IEC 20889 - INFORMATION TECHNOLOGY- SECURITY TECHNIQUES - PRIVACY ENHANCING DATA DE-IDENTIFICATION TECHNIQUES
PD ISO/TR 14742:2010 Financial services. Recommendations on cryptographic algorithms and their use
BS ISO/IEC 18367:2016 Information technology. Security techniques. Cryptographic algorithms and security mechanisms conformance testing
INCITS/ISO/IEC 18033-2 : 2008 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENCRYPTION ALGORITHMS - PART 2: ASYMMETRIC CIPHERS
ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
BS ISO/IEC 18031 : 2011 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - RANDOM BIT GENERATION
I.S. EN 62601:2016 INDUSTRIAL NETWORKS - WIRELESS COMMUNICATION NETWORK AND COMMUNICATION PROFILES - WIA-PA
PREN 50159 : DRAFT 2009 RAILWAY APPLICATIONS - COMMUNICATION, SIGNALLING AND PROCESSING SYSTEMS - SAFETY-RELATED COMMUNICATION IN TRANSMISSION SYSTEMS
ISO/IEC 11889-1:2015 Information technology — Trusted platform module library — Part 1: Architecture
ISO/IEC 18367:2016 Information technology Security techniques Cryptographic algorithms and security mechanisms conformance testing
ISO/IEC 11889-2:2015 Information technology — Trusted Platform Module Library — Part 2: Structures
04/30040717 DC : DRAFT JUL 2004 ISO/IEC 18033-2 - INFORMATION TECHNOLOGY - ENCRYPTION ALGORITHMS - PART 2: ASYMMETRIC CIPHERS
BS ISO/IEC 16512-2:2016 Information technology. Relayed multicast protocol: Specification for simplex group applications
09/30214048 DC : 0 BS ISO/IEC 9796-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - DIGITAL SIGNATURE SCHEMES GIVING MESSAGE RECOVERY - PART 2: INTEGER FACTORIZATION BASED MECHANISMS
BS EN 50159:2010 Railway applications. Communication, signalling and processing systems. Safety-related communication in transmission systems
BS ISO/IEC 20009-4:2017 Information technology. Security techniques. Anonymous entity authentication Mechanisms based on weak secrets
14/30302807 DC : 0 BS ISO/IEC 11889-4 - INFORMATION TECHNOLOGY - TRUSTED PLATFORM MODULE - PART 4: SUPPORTING ROUTINES
BS ISO/IEC 20648:2016 Information technology. TLS specification for storage systems
BS EN ISO 12855:2015 Electronic fee collection. Information exchange between service provision and toll charging
IEC PAS 62601:2009 Industrial communication networks - Fieldbus specifications - WIA-PA communication network and communication profile
CAN/CSA-ISO/IEC 18031:13 (R2017) Information technology - Security techniques - Random bit generation (Adopted ISO/IEC 18031:2011, second edition, 2011-11-15)
INCITS/ISO/IEC 11770-5 : 2012 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 5: GROUP KEY MANAGEMENT
CSA ISO/IEC 18031 : 2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - RANDOM BIT GENERATION
ISO 15764:2004 Road vehicles Extended data link security
BS ISO 16609:2012 Financial services. Requirements for message authentication using symmetric techniques
CAN/CSA-ISO/IEC 11889-4:16 Information technology Trusted Platform Module Library Part 4: Supporting Routines (Adopted ISO/IEC 11889-4:2015, second edition, 2015-12-15)
BS ISO/IEC 11770-4:2017 Information technology. Security techniques. Key management Mechanisms based on weak secrets
ISO/TR 14742:2010 Financial services Recommendations on cryptographic algorithms and their use
UNE-EN 50159:2011 Railway applications - Communication, signalling and processing systems - Safety-related communication in transmission systems
IEC 62734:2014 Industrial networks - Wireless communication network and communication profiles - ISA 100.11a
CEI EN 50159 : 2012 RAILWAY APPLICATIONS - COMMUNICATION, SIGNALLING AND PROCESSING SYSTEMS - SAFETY-RELATED COMMUNICATION IN TRANSMISSION SYSTEMS
14/30302798 DC : 0 BS ISO/IEC 11889-1 - INFORMATION TECHNOLOGY - TRUSTED PLATFORM MODULE - PART 1: ARCHITECTURE
BS ISO/IEC 11770-5:2011 Information technology Security techniques. Key management Group key management
BS IEC 62601:2011 Industrial communication networks. Fieldbus specifications. WIA-PA communication network and communication profile
BS ISO/IEC 11889-4:2009 Information technology. Trusted platform module Commands
DIN EN 62601:2016-10 Industrial networks - Wireless communication network and communication profiles - WIA-PA (IEC 62601:2015); English version EN 62601:2016
10/30237107 DC : DRAFT DEC 2010 BS ISO/IEC 11770-5 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 5: GROUP KEY MANAGEMENT
BS EN 62734:2015 Industrial networks. Wireless communication network and communication profiles. ISA 100.11a
INCITS/ISO/IEC 18031 : 2012 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - RANDOM BIT GENERATION
BS ISO/IEC 19790:2012 Information technology. Security techniques. Security requirements for cryptographic modules
14/30302801 DC : 0 BS ISO/IEC 11889-2 - INFORMATION TECHNOLOGY - TRUSTED PLATFORM MODULE - PART 2: STRUCTURES
15/30321754 DC : 0 BS ISO/IEC 20648 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - TLS SPECIFICATION FOR STORAGE SYSTEMS
07/30173155 DC : 0 BS ISO/IEC 9798-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENTITY AUTHENTICATION - PART 2: MECHANISMS USING SYMMETRIC ENCIPHERMENT ALGORITHMS
09/30207165 DC : 0 BS EN 62601 - INDUSTRIAL COMMUNICATION NETWORKS - FIELDBUS SPECIFICATIONS - WIA-PA COMMUNICATION NETWORK AND COMMUNICATION PROFILE
16/30335688 DC : 0 BS ISO/IEC 11770-4 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 4: MECHANISMS BASED ON WEAK SECRETS
ISO/IEC 18031:2011 Information technology Security techniques Random bit generation
ISO/IEC 11889-4:2015 Information technology Trusted Platform Module Library Part 4: Supporting Routines
IEC 62280:2014 Railway applications - Communication, signalling and processing systems - Safety related communication in transmission systems
EN 50159:2010 Railway applications - Communication, signalling and processing systems - Safety-related communication in transmission systems
ISO 12855:2015 Electronic fee collection Information exchange between service provision and toll charging
IEC 62601:2015 Industrial networks - Wireless communication network and communication profiles - WIA-PA
EN ISO 12855:2015 Electronic fee collection - Information exchange between service provision and toll charging (ISO 12855:2015)
BS ISO/IEC 11889-1:2009 Information technology. Trusted platform module Overview
11/30231411 DC : 0 BS ISO 16609 - FINANCIAL SERVICES - REQUIREMENTS FOR MESSAGE AUTHENTICATION USING SYMMETRIC TECHNIQUES
BS ISO/IEC 11889-2:2009 Information technology. Trusted platform module Design principles
PD ISO/IEC TR 29149:2012 Information technology. Security techniques. Best practices for the provision and use of time-stamping services
BS ISO/IEC 18033-2 : 2006 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ENCRYPTION ALGORITHMS - PART 2: ASYMMETRIC CIPHERS
DD CEN/TS 14821-5:2003 Traffic and Travel Information (TTI). TTI messages via cellular networks Internal services
BS ISO/IEC 10118-1:2016 Information technology. Security techniques. Hash-functions General
CAN/CSA-ISO/IEC 11889-2:16 Information technology Trusted Platform Module Library Part 2: Structures (Adopted ISO/IEC 11889-2:2015, second edition, 2015-12-15)
CAN/CSA-ISO/IEC 11889-1:16 Information technology Trusted Platform Module Library Part 1: Architecture (Adopted ISO/IEC 11889-1:2015, second edition, 2015-12-15)
ISO/IEC 20009-4:2017 Information technology — Security techniques — Anonymous entity authentication — Part 4: Mechanisms based on weak secrets
ISO 16609:2012 Financial services — Requirements for message authentication using symmetric techniques
I.S. EN 50159:2010 RAILWAY APPLICATIONS - COMMUNICATION, SIGNALLING AND PROCESSING SYSTEMS - SAFETY-RELATED COMMUNICATION IN TRANSMISSION SYSTEMS
ISO/IEC TR 29149:2012 Information technology Security techniques Best practices for the provision and use of time-stamping services
CAN/CSA-ISO/IEC 10118-1:18 Information technology - Security techniques - Hash-functions - Part 1: General (Adopted ISO/IEC 10118-1:2016, third edition, 2016-10-15)
CAN/CSA-ISO/IEC 18367:18 Information technology — Security techniques — Cryptographic algorithms and security mechanisms conformance testing (Adopted ISO/IEC 18367:2016, first edition, 2016-12-15)
CAN/CSA-ISO/IEC 16512-2:18 Information technology — Relayed multicast protocol: Specification for simplex group applications (Adopted ISO/IEC 16512-2:2016, third edition, 2016-04-01)
CAN/CSA-ISO/IEC 20648:18 Information technology ? TLS specification for storage systems (Adopted ISO/IEC 20648:2016, first edition, 2016-03-01)

ISO/IEC 18032:2005 Information technology Security techniques Prime number generation
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 10118-1:2016 Information technology Security techniques Hash-functions Part 1: General
ISO/IEC 646:1991 Information technology ISO 7-bit coded character set for information interchange
ISO/IEC 9797-1:2011 Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a block cipher
ISO/IEC 10118-3:2004 Information technology Security techniques Hash-functions Part 3: Dedicated hash-functions
ISO/IEC 10181-6:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Integrity framework

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Need help?
Call us on 131 242, then click here to start a Screen Sharing session
so we can help right away! Learn more