Message Authentication Codes also known as (MACs) are similar techniques to the Digital Signatures. MACs use Symmetric keys between all parties; and they provide data integrity and message authentication, but not non-repudiation. In fact, MACs are much faster than Public-key signatures.
Basically, MAC takes an input of any size and produce a short and fixed-size output. The Message Authentication Codes’ security entirely relies on the infeasibility of computing the result by Oscar. In this scenario, it will be very difficult for Oscar to achieve the following:
- Existential forgery.
- Selective forgery.
- Key recovery.
This scenario is an example of the MAC and how it works:
- Any party can start this communication, Bob will start for this example.
- Bob will use the private-key to MAC the original message; then he will send it to Alice.
- Alice will use the same private-key to verify that the message has been received from Bob.
In conclusion, there are some important thangs about MAC that you need to remember, for example:
- MAC provides data integrity and message authentication Meanwhile, Digital signature provides data integrity, message authentication and non-repudiation.
- MACs are much faster than Digital signatures.
- MACs use a key, but Hash functions do not use key.
Note: MACs are based on hash functions (e.g. HMAC) or on Block Ciphers (e.g. CBC-MAC).