Add more approved MAC algorithms

OWASP · Feb 1, 2025 · cb3c431 · cb3c431
1 parent 9f47d16
commit cb3c431
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/5.0/en/0x97-Appendix-V_Cryptography.md b/5.0/en/0x97-Appendix-V_Cryptography.md
@@ -250,6 +250,9 @@ The following MAC algorithms are approved for use in securing messages by provid
 | KMAC128           | [NIST SP 800-185](https://csrc.nist.gov/pubs/sp/800/185/final)                             | ✓                       | ✓  | ✓  | ✓  |
 | KMAC256           | [NIST SP 800-185](https://csrc.nist.gov/pubs/sp/800/185/final)                             | ✓                       | ✓  | ✓  | ✓  |
 | BLAKE3            |  [BLAKE3 one function, fast everywhere](https://github.com/BLAKE3-team/BLAKE3-specs/raw/master/blake3.pdf)  | ✓                       | ✓  | ✓  | ✓  |
+| AES-CMAC          | [RFC 4493](https://datatracker.ietf.org/doc/html/rfc4493) & [NIST SP 800-38B](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf) | ✓ | ✓  | ✓  | ✓  |
+| AES-GMAC          | [NIST SP 800-38D](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf)            | ✓ | ✓  | ✓  | ✓  |
+| Poly1305-AES      | [The Poly1305-AES message-authentication code](https://cr.yp.to/mac/poly1305-20050329.pdf)                  | ✓ | ✓  | ✓  | ✓  |
 
 Note that while SHA-1 should not be used in general, the usage of HMAC-SHA-1 is currently not considered to be problematic
 ([NIST SP 800-57](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf)).