Glossary

Learn about data security, encryption, hashing and encoding in our knowledge base.

Message authentication code

A message authentication code (MAC) is a short piece of data that is used to authenticate the integrity and authenticity of a message. MACs are commonly used in communication protocols to ensure that the message has not been tampered with during transmission.

To generate a MAC, the sender computes a hash of the message using a secret key known only to the sender and the recipient. The MAC is then appended to the message and transmitted to the recipient.

Upon receipt of the message, the recipient computes the MAC using the same secret key and compares it to the MAC that was received with the message. If the MACs match, the recipient can be confident that the message has not been tampered with and that it was sent by the intended sender.

There are several types of MAC algorithms, including:

  • HMAC (Hash-based Message Authentication Code): This is a widely used MAC algorithm that uses a cryptographic hash function, such as SHA-256, in combination with a secret key to compute the MAC.

  • CMAC (Cipher-based Message Authentication Code): This is a MAC algorithm that uses a symmetric block cipher, such as AES, in combination with a secret key to compute the MAC.

  • UMAC (Unkeyed Message Authentication Code): This is a MAC algorithm that does not use a secret key to compute the MAC. Instead, it relies on the properties of the underlying hash function to provide security.

MACs are an important tool for ensuring the authenticity and integrity of messages in communication protocols. They help to ensure that the messages are not tampered with during transmission and that they are sent by the intended sender.