7 Message authentication codes
This chapter covers
- Understanding the relationship between the integrity and authenticity of a message
- Working with message authentication codes (MACs)
- Understanding attacks on secret-prefix and secret-suffix MACs
- Hash-based MACs (HMACs) and their resistance to length-extension and collision attacks
In the previous chapter, we saw how hash functions are used to compute and verify data integrity. In this chapter, we look at the closely related topic of authenticity and how message authentication codes (MACs) are used to ensure that a message was indeed authored by a particular sender. We will dive deep into approaches for building MACs on top of hash functions and the risks associated with each. Specifically, we will mount a length-extension attack against Merkle–Damgård–based hash functions, a weakness that has historically led to vulnerabilities in API authentication schemes.