diff --git a/cmac.cpp b/cmac.cpp
index 1b56662d..367a778c 100644
--- a/cmac.cpp
+++ b/cmac.cpp
@@ -77,7 +77,8 @@ void CMAC_Base::Update(const byte *input, size_t length)
 		return;
 
 	BlockCipher &cipher = AccessCipher();
-	unsigned int blockSize = cipher.BlockSize();
+	const unsigned int blockSize = cipher.BlockSize();
+	const unsigned int alignment = cipher.OptimalDataAlignment();
 
 	if (m_counter > 0)
 	{
@@ -100,7 +101,20 @@ void CMAC_Base::Update(const byte *input, size_t length)
 	if (length > blockSize)
 	{
 		CRYPTOPP_ASSERT(m_counter == 0);
-		size_t leftOver = 1 + cipher.AdvancedProcessBlocks(m_reg, input, m_reg, length-1, BlockTransformation::BT_DontIncrementInOutPointers|BlockTransformation::BT_XorInput);
+		const byte* is = input;  // m_reg is always aligned
+
+		AlignedSecByteBlock i;
+		if (!IsAlignedOn(input, alignment))
+		{
+			i.Assign(input, length);
+			is = i.begin();
+		}
+
+		// size_t leftOver = 1 + cipher.AdvancedProcessBlocks(m_reg, input, m_reg, length-1,
+		//   BlockTransformation::BT_DontIncrementInOutPointers|BlockTransformation::BT_XorInput);
+		const int flags = BlockTransformation::BT_DontIncrementInOutPointers|BlockTransformation::BT_XorInput;
+		size_t leftOver = 1 + cipher.AdvancedProcessBlocks(m_reg, is, m_reg, length-1, flags);
+
 		input += (length - leftOver);
 		length = leftOver;
 	}
diff --git a/cmac.h b/cmac.h
index 60482277..1743c008 100644
--- a/cmac.h
+++ b/cmac.h
@@ -34,7 +34,7 @@ protected:
 	virtual BlockCipher & AccessCipher() =0;
 
 	void ProcessBuf();
-	SecByteBlock m_reg;
+	AlignedSecByteBlock m_reg;
 	unsigned int m_counter;
 };