This chapter covers:
- Message Authentication Codes (MAC), a cryptographic primitive to protect the integrity of data.
- The security properties and the pitfalls of MACs.
- The widely adopted standards for MACs.
In chapter 2, you learned about an interesting construction (a hash function) that on its own does not provide much but, if used in combination with a secure channel, allows us to verify the authenticity and integrity of messages. In this chapter, we will see how one can provide integrity and authenticity over messages without the use of a secure channel.
For this chapter you’ll need to have read:
- Chapter 2 on Hash Functions.
Let’s picture the following scenario: you are a webpage. You are bright, full of colors, and above all you are proud of serving a community of loyal users. To interact with your webpage, users must first log in by sending you their credentials. On receiving these credentials, your job is to first validate them (they could be lying to you after all). If the credentials match those that were used when the user first signed up, you deem them correct and say that you have authenticated the user. From then on, you want to avoid having them re-authenticate in every request to your webpage, so you send them a session cookie.