Definition
Block-Cipher-based Message Authentication Code
A block-cipher-based message authentication code (CBC-MAC) is a MAC constructed from a block cipher operating in CBC mode with a null initialisation vector. The MAC is the block resulting from the last encryption.
Security
Fixed-Length Only
Plain CBC-MAC is secure only for fixed-length messages.
Encrypted CBC-MAC
A variation in which the encryption of the last block (the MAC of the plain CBC-MAC scheme) is encrypted under a different key. This can be securely used with variable-length messages.