Explain Message Authentication Code (MAC) in brief?

It is generated by an algorithm that creates a small fixed-sized block

  1. depending on both message and some key
  2. like encryption though need not be reversible

It is appended to message as a signature and receiver performs same computation on message and checks it matches the MAC. It provides assurance that message is unaltered and comes from sender.


As shown the MAC provides confidentiality. It can also use encryption for secrecy

  1. is generally regarded as better done before
  2. can compute MAC either before or after encryption
  3. generally use separate keys for each
  4. why use a MAC?
    • sometimes only authentication is needed
    • sometimes need authentication to persist longer than the encryption (eg. archival use)
  5. note that a MAC is not a digital signature

MAC Properties:
A MAC is a cryptographic checksum

  1. MAC = CK(M)
    • condenses a variable-length message M
    • using a secret key K
    • to a fixed-sized authenticator

It is a many-to-one function

    • potentially many messages have same MAC
    • but finding these needs to be very difficult

By taking into account the types of attacks, the MAC need to satisfy the following:

    • knowing a message and MAC, is infeasible to find another message with same MAC
    • MACs should be uniformly distributed
    • MAC should depend equally on all bits of the message
  1. can use any block cipher chaining mode and use final block as a MAC
  2. Data Authentication Algorithm (DAA) is a widely used MAC based on DES-CBC
    • using IV=0 and zero-pad of final block
    • encrypt message using DES in CBC mode
    • and send just the final block as the MAC
      • or the leftmost M bits (16≤M≤64) of final block
  3. but final MAC is now too small for security

Leave a Reply

Your email address will not be published. Required fields are marked *