Message authentication code (MAC)
Message authentication code (MAC) is a cryptographic primitive/algorithm used to provide message source authentication and integrity.
- is a piece of information associated with a message, used to authenticate the message sender and protect integrity of the message
- computed by applying a MAC algorithm to a message in combination with a symmetric key
- produces a MAC or tag
- can be generated by:
- algorithms that rely on a hash function and a key
- called hash MAC/HMAC/keyed-hashed functions
- data and key are hashed together to produce a MAC, which is then stored or transmitted with data
- algorithms based on stream ciphers
- the final state of internal cipher registers contain the MAC
- algorithms based on block ciphers
- data is encrypted block by block and the ciphertext of each block is used to encrypt the next block
- the encryption of the final block is the MAC
- algorithms that rely on a hash function and a key
- MAC differs from digital signature as MAC values are generated and verified using the same secret
- while signatures may be generated by private keys and validated by public keys
How it Works
- MAC algorithms have two parameters:
- secret key
- used to verify authenticity
- hash function
- used to produce message digests
- secret key
- MAC system has 3 components
- key generation algorithm
- selects keys from the key space uniformly at random and periodically refreshed
- digest generation algorithm
- returns a digest given the key and a message
- verifying algorithm
- verifies the authenticity of the message given the key and the digest
- if the hash computed by the receiver is identical to the one received, message is accepted
- key generation algorithm
Usage
- sender generates a MAC using data to protect and a key shared with the recipient
- receiver of the pair (data, MAC) computes a MAC using the received data and the shared key
- compares the MACs to each other
- if both equal, then data is not altered and is authenticated
MAC Properties
- Mac systems should adapt to a large number of applications
- should accept arbitrary length of message, while producing a fixed length output
- Preserve the integrity of the message
- Authenticate the message sender
Categories
- Hash function-based MACs
- Block cipher-based MACs
Security Services
- MAC provides 2 security services:
- data integrity
- if the MAC received is equal to the MAC computed, then the message was not modified
- data origin authentication
- valid MAC can only be created by the symmetric key
- since the key is shared only between the sender and receiver, then a matching MAC can assure the message came from the sender
- data integrity
- does not provide non-repudiation
- because both sender and receiver have the key, so one can impersonate the other