I just figured out Triple DES encryption and decryption for credit card. Can any one tell me how to de-crypt CBC-MAC...CBC-MAC at the end would give a 4 byte MAC. From MAC to Encryption, how exactly does it work? What is MAC doing?
Once there is an encryption done through CBC-MAC, how can we de-crypt them? Triple-DES would not work for my case.
Another question here. have you all heard of any decryption algorithm that involves:
- DUKPT
- TDES, and
- MAC variant (versus PIN variant)
I have good understanding of TDES and DUKPT, but how would MAC variant play a role in the decryption algorithm?
How is MAC variant different from PIN variant?
Thank you!
You cannot "decrypt" a CBC-MAC tag. A message authentication code (MAC) is a keyed integrity check. It means that the tag that is created from a MAC algorithm has always the same length regardless of the data length that you put in. In the case of CBC-MAC with Triple-DES that is the size of the block of 3DES which is 64-bit (or a shorter slice of it).
If your data is longer than that, then you can't "decrypt" it, because there are multiple solutions now. You can however run the original data again through CBC-MAC with the same key and re-create the tag again. Then you check the two tags to see if they match. If they do, then you know that your data wasn't tampered with. (But probably not, because 3DES is not that good when not used with 3 distinct keys and CBC-MAC is not considered secure anymore if you accept arbitrary messages.)