Message authentication code is also known as
|
A family of cryptographic functions that is parameterized by a symmetric key. Each of the functions can act on input data (called a “message”) of variable length to produce an output value of a specified length. The output value is called the MAC of the input message. MAC(k, x, …) is used to denote the MAC of message x computed using the key k (and any additional algorithm-specific parameters). An approved MAC algorithm is expected to satisfy the following property (for each supported security strength): Show Without knowledge of the key k, it must be computationally infeasible to predict the (as-yet-unseen) value of MAC(k, x, …) with a probability of success that is a significant improvement over simply guessing either the MAC value or k, even if one has already seen the results of using that same key to compute MAC(k, xj, …) for (a bounded number of) other messages \(x_{j}\neq x\). A MAC algorithm can be employed to provide authentication of the origin of data and/or to provide data-integrity protection. In this Recommendation, approved MAC algorithms are used to determine families of pseudorandom functions (indexed by the choice of key) that may be employed during key derivation.
A
message authentication code (MAC) is a small block of data attached to a message that is used by the recipient to verify the integrity of the message. One could think of it as akin to the wax seals that used to be placed on letters and formal correspondence to verify the identify of the sender and confirm that the message had not been opened. Such codes are used when certain types of encrypted or secured data are
sent so the sender can check to confirm that the message has not been compromised. Message authentication codes can appear on messages such as electronic funds transfers and emails. When a message is generated, the MAC is created at the same time. The message is sent to the recipient, and when the recipient opens it, the contents of the message are run through an algorithm to create a new message
authentication code. This new code is compared with the code sent along with the original message. If the codes are the same, the message is authenticated. If there is a difference, it indicates that something about the message changed between sender and recipient. The process of generating and comparing MACs usually happens behind the scenes. The sender and recipient rely on the encryption programs they use to handle the MAC. The program that generates the message authentication code is written by a programmer familiar with cryptography needs. Custom applications may be written for high security situations, or people can use generic programs that are readily available. Several different methods can be used to create a MAC, including a stream cipher, a hash function, or a block cipher. Also known as a checksum, the MAC can be one among several layers of security that are designed to keep prying eyes away from messages and to ensure that messages are not manipulated or altered without alerting the recipient. When a recipient opens a message that has been compromised, an alert will display to tell the user that the message authentication code does not match and that there is a problem with the message. Cryptography is a constantly evolving process. As new techniques are developed, new methods for cracking them are also created. People interested in data security must think several steps ahead to predict methods for breaking cryptography so they can build strong security systems. The development of supercomputers has assisted with this process by allowing cryptographers to develop and experiment with highly advanced encryption methods. Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being a SmartCapitalMind researcher and writer. Mary has a liberal arts degree from Goddard College and spends her free time reading, cooking, and exploring the great outdoors. Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being a SmartCapitalMind researcher and writer. Mary has a liberal arts degree from Goddard College and spends her free time reading, cooking, and exploring the great outdoors. RecommendedWhat is message authentication code?A message authentication code (MAC) is a cryptographic checksum on data that uses a session key to detect both accidental and intentional modifications of the data. A MAC requires two inputs: a message and a secret key known only to the originator of the message and its intended recipient(s).
Is message authentication code same as hash?A message authentication code (MAC) is similar to a cryptographic hash, except that it is based on a secret key. When secret key information is included with the data that is processed by a cryptographic hash function, the resulting hash is known as an HMAC.
How is message authentication code created?Message Authentication Code (MAC)
Essentially, a MAC is an encrypted checksum generated on the underlying message that is sent along with a message to ensure message authentication. The sender uses some publicly known MAC algorithm, inputs the message and the secret key K and produces a MAC value.
Is message authentication code a signature?Digital signatures are the public key equivalent of private key message authentication codes (MACs). Whereas MACs use private keys to enable a message recipient to verify that a message has not been altered during transmission, signatures use a private/public key pair.
What are the types of message authentication function?There are three types of functions that may be used to produce an authenticator: a hash function, message encryption, message authentication code (MAC).
|
