Message Authentication Code (MAC) is one of the Cryptographic Hash Function and is a short piece of information used to authenticate a message. Message Authentication Codes are also called as authentication tags or Checksum. MAC is verified by an intended recipient. A Message Authentication algorithm accepts secret key as its input and an arbitrary length message to be authenticated and outputs a message authenticated code. The value of MAC protects messages from both data integrity and authenticity. MAC allows verifiers to detect changes in the message content. MAC values are generated and verified using the same secret key.

Four types of message authentication codes are: Unconditionally secure MAC, Hash function based MAC, Stream cipher based MAC, and Block cipher based MAC functions. Some of the popular MAC functions are: HMAC, UMAC, VMAC, OMAC, CBC-MAC, PMAC etc. Standards That Define Mac Functions Are:

  • FIPS PUB 113 – Computer Data authentication
  • ISO/IEC 9797-1 – These standards use a Block Cipher.
  • ISO/IEC 9797-2 – These standards use a dedicated Hash Function.

Advantages and Drawbacks of Message Authentication Codes (MAC)

  • Advantages of Message Authentication Codes (MAC)
    • MAC can be sent with the message on the same channel.
    • Authenticity is assured by message authentication algorithms.
    • Proper integrity of data is maintained
  • Drawbacks of Message Authentication Codes (MAC)
    • It is difficult to convince a third party if a message authentication code is used.
    • The MAC protocol is open to existential Forgery Attack.
    • Reversible encryption is sometimes necessary when working with message authentication codes.