message authentication code (MAC)

A message authentication code (MAC) is a cryptographic checksum on data that uses a session key to detect both accidental and intentional modifications of the data.

A message authentication code (MAC) is a cryptographic checksum on data that uses a session key to detect both accidental and intentional modifications of the data.

A MAC requires two inputs: a message and a secret key known only to the originator of the message and its intended recipient(s). This allows the recipient of the message to verify the integrity of the message and authenticate that the messege's sender has the shared secret key. If a sender doesn’t know the secret key, the hash value would then be different, which would tell the recipient that the message was not from the original sender. 

There are four types of MACs:  unconditionally secure, hash function-based, stream cipher-based  and block cipher-based  In the past, the most common approach to creating a MAC was to use block ciphers like Data Encryption Standard (DES), but hash-based MACs (HMACs) which use a secret key in conjunction with a cryptographic hash function to produce a hash, have become more widely used.

This was first published in November 2010

Next Steps

Authentication comes in all sizes and flavors, and security pros need to know the differences between subjects like data integrity and PKI, and multifactor authentication. Learn about the various types of data integrity authentication schemes such as message authentication protocol (MAC) and hashing algorithms to ensure data hasn’t been tampered with along the way. Then, read about how to build a business case for MFA.

Continue Reading About message authentication code (MAC)

Glossary

'message authentication code (MAC)' is part of the:

View All Definitions

Dig Deeper

PRO+

Content

Find more PRO+ content and other member only offers, here.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close