Talk:ISO/IEC 9797-1

Algorithm 5 and CMAC
I don't have a copy of 9797-1:2011, so I can't check, but it seems there is still a discrepancy (after this edit) between the descriptions in ISO/IEC 9797-1 and CMAC.

ISO/IEC 9797-1 says:

but the diagram on CMAC shows that the last encryption with k (the original key) is of m'n, not mn as would be implied by "The first instance [of MAC algorithm 1) operates on [all of] the original input data." (Note that n in CMAC is equivalent to q in ISO/IEC 9797-1, both being the number of blocks in the data/message.)

ISO/IEC 9797-1 also says:

but the diagram on CMAC shows that the key variants k1 and k2 are used to "tweak" mn; there's nothing in the CMAC diagram the remotely looks like MAC algorithm 1 operating on (or with) the two key variants.

Finally ISO/IEC 9797-1 says:

but the diagram on CMAC shows that the MAC is the result of Ek(...), not the result of an XOR.

Is the algorithm described by the CMAC article actually the same as ISO/IEC 9797-1 MAC algorithm 5? (The CMAC article does not mention 9797-1.) If so, ISO/IEC 9797-1 needs re-writing so that it is accurate. If not, we should not link to it. Possibly there are multiple algorithms referred to as "CMAC", in which case a disambiguation page might be required. Mitch Ames (talk) 12:53, 26 May 2016 (UTC)