Common MAC algorithms

By Martin McBride, 2017-04-09
Tags: cryptography message authentication code mac hmac
Categories: cryptography

Here are some of the most common MAC algorithms.

Simple MAC (not secure!)

It is possible to use any hash algorithm as the basis of a MAC. We can illustrate this using a simple (though unfortunately not secure) algorithm.

The algorithm uses a secret key (which can be any sequence of bytes of any length you wish). To calculate the MAC, concatenate the key and the message, and take the hash value of the concatenated data. This hash value is the MAC. It is then possible to store or transmit the original message and the MAC together. Of course, the message which is stored or transmitted must NOT have the secret key still prepended. To validate the data, repeat the MAC calculation, and ensure that the MAC values match.

An attacker cannot alter the message without detection, because he does not know the key and so cannot recalculate the MAC value. However, the attacker can add blocks to the end of the message, and recalculate the new MAC incrementally. This is a fairly limited attack, but still serious in some cases. It is like signing an important letter and then allowing a total stranger to add any extra data they like to it after you posted it, so that their additions appear to come from you.

HMAC

A defence against the weakness of the simple algorithm is to add the secret key at both the start and the end of the message when calculating the MAC. The HMAC algorithm does something similar to this, but not exactly the same.

HMAC can be used with any hash method. The variants are identified by appending the hash name, e.g. HMAC-MD5, HMAC-SHA1 etc.
