Applied Cryptography

Message Authentication Codes (MAC)

Hash, or digest, computed with a key.

  • Only key-holders can generate and validate the MAC.

Used to authenticate messages.

  • M’ = M | MAC(M)

Approaches

Encryption of an ordinary digest.

  • Using, for instance, a symmetric block cipher.

  • Using encryption with feedback & error propagation.

    • ANSI X9.9 (or DES-MAC) with DES CBC (64 bits).

    • CBC-MAC

Adding a key to the hashed data.

  • Keyed-MD5 (128 bits).

    • MD5(K, keyfill, text, K, MD5fill).

  • HMAC (Hashed-based MAC).

    • Generic construction, uses a hash function H.

    • Output length depends on H.

    • HMAC-MD5, HMAC-SHA, etc.

  • H ( K, opad, H ( K, ipad, text ) )

  • ipad = 0x36 B times

  • opad = 0x5C B times

PreviousRainbow TablesNextAuthenticated Encryption

Last updated