This chapter covers:
- Message authentication codes (MACs), a cryptographic primitive to protect the integrity of data.
- The security properties and the pitfalls of MACs.
- The widely adopted standards for MACs.
Mix a hash function with a secret key, and you obtain something called a message authentication code (MAC). The addition of a secret key is the foundation behind any type of security: without keys there can be no confidentiality, and there can be no authentication. While hash functions can provide authentication or integrity for arbitrary data, they did this thanks to an additional trusted channel. In this chapter you will see how a MAC can be used to create such a trusted channel, and what else it can do.
For this chapter you’ll need to have read:
- Chapter 2 on hash functions.
Let’s picture the following scenario: you are a webpage. You’re bright, full of colors, and above all you’re proud of serving a community of loyal users. To interact with you, visitors must first log-in by sending you their credentials, which you must then validate. If the credentials match those that were used when the user first signed up, then you have successfully authenticated the user.