This chapter covers:
- Message authentication codes (MACs), a cryptographic primitive to protect the integrity of data.
- The security properties and the pitfalls of MACs.
- The widely adopted standards for MACs.
Chapter 3 from Real-World Cryptography by David Wong
In chapter 2, you’ve learned about an interesting construction --hash functions—that on its own doesn’t provide much, but if used in combination with a secure channel allows you to verify the authenticity and integrity of some data. In this chapter, you will see how you can provide integrity and authenticity over messages without the use of a secure channel at all.
For this chapter you’ll need to have read:
- Chapter 2 on hash functions.
Let’s picture the following scenario: you are a webpage. You’re bright, full of colors, and above all you’re proud of serving a community of loyal users. To interact with you, visitors must first log-in by sending you their credentials, which you must then validate. If the credentials match those that were used when the user first signed up, then you have successfully authenticated the user.