How can I do an ISO 9797-1 MAC with triple DES in C#?

I've got a project which stipulates the following encryption rules for a 24 byte block of data.

1) Cryptography should be done using full triple DES MAC algorithm as defined in 9797-1 as MAC algorithm 3 with output transformation 3 without truncation and with DES in CBC mode as block cipher with ICV set to zeros. Last 8 bytes of encrypted data constitute the value we need.

The program is saying the encryption done is wrong. Are there any other things I need to do to match the above spec?

The data is a 24 byte value and output of the encryption should be 8 bytes, I guess (as per the spec). I am getting the whole 24 bytes as output :(

I wrote the following code to achieve the said specification:

```csharp
des.KeySize = 128;
des.Key = ParseHex(key);
des.Mode = CipherMode.CBC;
des.Padding = PaddingMode.None;

ICryptoTransform ic = des.CreateEncryptor();

CryptoOutput = ic.TransformFinalBlock(CryptoOutput, 0, 24);
```

I tried this also:

```csharp
MACTripleDES des = new MACTripleDES(ParseHex(key));
byte[] CDCryptp = des.ComputeHash(CryptoOutput);
```
Cockaigne answered 19/5, 2011 at 8:21 Comment(4)
So you're doing a MAC, not encryption? So you want to generate the 8 byte tag, if I understand you correctly? Can you link to the standard in question? (I cannot see the PDF; you have to buy it.) - Luigiluigino
Hi Henno. This is my very first encounter with encryption. I thought I was doing encryption using MACTripleDES. Can you please explain the difference between both? - Cockaigne
A MAC authenticates the message. So you send the message (in plain, or encrypted) and you add a MAC (called a tag) that depends on the message and a secret key that you share with the other side. The MAC ensures that no-one can modify the message, because the modifier cannot compute the right tag (he would need the secret key for that). So it ensures the message has not been tampered with, and is also an indication for the other side that the sender also knows the secret key to generate the tag, so is "good". So it's authentication+integrity, not confidentiality. - Luigiluigino
"Last 8 bytes of encrypted data constitute the value we need." -- is the output supposed to be just the last 8 bytes of the ciphertext? - Comfy
6

ISO 9797-1 MAC Algorithm 3 consists of using the first DES key to perform a CBC MAC and then only for the final block perform a full 3-DES operation.

Try this:

```csharp
// key: hex string holding the 16-byte double-length key (K1 || K2)
// data: the message; its length must be a multiple of 8 bytes (PaddingMode.None)
byte[] keybytes = ParseHex(key);
byte[] key1 = new byte[8];
Array.Copy(keybytes, 0, key1, 0, 8);
byte[] key2 = new byte[8];
Array.Copy(keybytes, 8, key2, 0, 8);

DES des1 = DES.Create();
des1.Key = key1;
des1.Mode = CipherMode.CBC;
des1.Padding = PaddingMode.None;
des1.IV = new byte[8];

DES des2 = DES.Create();
des2.Key = key2;
des2.Mode = CipherMode.CBC;
des2.Padding = PaddingMode.None;
des2.IV = new byte[8];

// MAC Algorithm 3: single-DES CBC over the whole message with key 1
byte[] intermediate = des1.CreateEncryptor().TransformFinalBlock(data, 0, data.Length);

// Output Transformation 3: decrypt the last block with key 2, then encrypt it with key 1
byte[] intermediate2 = des2.CreateDecryptor().TransformFinalBlock(intermediate, intermediate.Length - 8, 8);
byte[] result = des1.CreateEncryptor().TransformFinalBlock(intermediate2, 0, 8);
```
Opera answered 9/6, 2011 at 11:8 Comment(2)
Can anyone translate this to Objective-C? - Groundsill
Can anyone translate this to Swift? - Bebebebeerine
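
An added example, not part of the original answer: the same MAC Algorithm 3 computation as one self-contained program. It goes beyond the 24-byte case by handling ISO 9797-1 padding methods 1 and 2 and by checking a received tag with a fixed-time comparison. The `RetailMac` class, its `padMethod` parameter, and the key and message values are constructed for illustration; .NET 5 or later is assumed.

```csharp
using System;
using System.Security.Cryptography;
static class RetailMac
{
    // ISO 9797-1 padding: method 2 appends 0x80 then zeros; any other value is method 1 (zeros only).
    static byte[] Pad(byte[] data, int method)
    {
        int len = method == 2 ? data.Length + 1 : Math.Max(data.Length, 1);
        byte[] padded = new byte[(len + 7) / 8 * 8];
        Array.Copy(data, padded, data.Length);
        if (method == 2) padded[data.Length] = 0x80;
        return padded;
    }
    // One single-DES operation on one 8-byte block (ECB, no padding).
    static byte[] DesBlock(byte[] key, byte[] block, bool encrypt)
    {
        using DES des = DES.Create();
        des.Mode = CipherMode.ECB;
        des.Padding = PaddingMode.None;
        des.Key = key; // .NET rejects known weak and semi-weak DES keys here
        using ICryptoTransform t = encrypt ? des.CreateEncryptor() : des.CreateDecryptor();
        return t.TransformFinalBlock(block, 0, 8);
    }

    public static byte[] Compute(byte[] key16, byte[] data, int padMethod = 1)
    {
        if (key16.Length != 16) throw new ArgumentException("expected K1 || K2 (16 bytes)");
        byte[] k1 = key16[..8], k2 = key16[8..];
        byte[] padded = Pad(data, padMethod);
        byte[] h = new byte[8]; // ICV = zeros
        for (int off = 0; off < padded.Length; off += 8)
        {
            for (int i = 0; i < 8; i++) h[i] ^= padded[off + i];
            h = DesBlock(k1, h, true); // CBC-MAC chaining step under K1
        }
        // Output transformation 3: E_K1(D_K2(H_q)), all 8 bytes kept (no truncation)
        return DesBlock(k1, DesBlock(k2, h, false), true);
    }

    public static bool Verify(byte[] key16, byte[] data, byte[] tag, int padMethod = 1) =>
        CryptographicOperations.FixedTimeEquals(Compute(key16, data, padMethod), tag);
    static void Main()
    {
        byte[] key = Convert.FromHexString("0123456789ABCDEFFEDCBA9876543210"); // constructed key
        byte[] data = new byte[24]; // constructed 24-byte message, already block-aligned
        byte[] mac = Compute(key, data);
        Console.WriteLine($"{Convert.ToHexString(mac)} valid={Verify(key, data, mac)}");
    }
}
```

Both sides must agree on the padding method; for a 24-byte message, method 1 adds nothing, while method 2 adds a full extra block and yields a different tag.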
2

For CBC-MAC mode you should encrypt the whole message in CBC mode with a zero initialization vector (IV), and take only the last 8 bytes (for DES) of the output. Also, since you need to use DES, it should have a 64 bit key, not 128. If you can quote the ISO (I cannot find a free copy), I can describe what you should do in more detail.

Mythical answered 8/6, 2011 at 19:11 Comment(2)
Please, describe it! - Solid
Please give a quotation from that ISO; I cannot describe the details without having the document. - Mythical
-2

The question is perhaps not as well worded as it ought to be, and looks a lot like homework. So I'll point you at some links, which you may not have seen yet, so you can learn.

Someone else is doing 3DES MAC values at "TripleDES: Specified key is a known weak key for 'TripleDES' and cannot be used", although I would not recommend altering the behavior of .NET like some of the answers there.

If all you need is to just use 3DES, check this out: http://social.msdn.microsoft.com/Forums/en-US/csharpgeneral/thread/b9239824-e8a1-4955-9193-d9f6993703f3/

Electrojet answered 7/6, 2011 at 20:14 Comment(0)
