The With-MAC key-wrapping algorithm for Cryptographic Message Syntax
MIT Lincoln Laboratory
MIT Lincoln Laboratory
This document describes a new key-wrapping algorithm to be used in
the EnvelopedData, AuthenticatedData and AuthEnvelopedData structures
of the Cryptographic Message Syntax. Because these structures do not
provide data-origin authentication, a recipient cannot
cryptographically verify that the plaintext received was the
plaintext encapsulated by the message's original sender. The With-
MAC key-wrapping algorithm allows an EncryptedKey value to hold both
a wrapped symmetric key and a MAC value on the data to be
authenticated. When used in EnvelopedData, AuthenticatedData and
AuthEnvelopedData structures, therefore, these structures can achieve
data-origin authentication (in some circumstances) using only
symmetric-key algorithms. This is useful in cases where the
structures must be generated by entities without certified digital-
signature keys.