Block ciphers can be used to construct MAC.

Let's review two examples for such approach.

Let's begin with the older algorithm,

the Data Authentication Algorithm or DAA,

a widely used MAC based on DES cipher and using

CBC mode- although it is now considered obsolete.

Let's first recap the Cipher Block Chaining or CBC mode for block cipher operations.

This figure illustrates the CBC mode where

the top corresponds to the encryption and the bottom the decryption.

DAA built on such block cipher operation mode and uses

the DES cipher for the encryption blocks with 64 input and output and a 56-bit key.

So b is equal to 64 and K is 56-bits long here.

The Pvi here corresponds to the data blocks,

and the encryption is not for message confidentiality but rather for MAC computation.

The MAC is the output of the last DES cipher encryption block, CvN here.

Among the 64 bits of output for CvN,

the MAC corresponds to the leftmost bits of CvN

where the length of the MAC can be between 16 to 64 bits.

The initialization value, or IV,

is a 64-bit zero vector with all of its elements being zero bit.

The last data block of PvN is zero-padded if needed.

While DAA has been used widely in the past,

the MAC's size of 16 to 64 bit is now considered too small for security.