Message Authentication Code (MAC)

A message authentication code (abbreviated MAC), used in symmetric cryptography, is attached to a message so that a recipient can verify that it wasn’t tampered with during transmission. This is also known as a MAC tag.

To create a MAC for a cryptographic message, the initial sender uses a generic algorithm (called a MAC algorithm) or set of algorithms to produce the MAC and an encryption key. The recipient also passes the received message through the same MAC algorithm. If they generate the same code as the one that came with the message, they can assume the message comes from a legitimate sender and hasn’t been changed in transit.

Before beginning the MAC sequence, the sender and receiver must have established an encryption key as part of verifying the MAC. One drawback to codes or tags for security is that the sender cannot verify that they were the first one to send a MAC with a message, because both sender and receiver use the same MAC algorithm and secret key. Thus, no one can prove who sent the message first. The ability to prove who owns an initial message is known as non-repudiation, and MAC algorithms don’t permit it. Digital signatures, in contrast, allow the sender to show that they sent a message because they used a private key that only they possess.

MACs should be able to indicate that the sent message can only be transmitted one time, eliminating the chance of a replay attack (in which an attacker resends a message to a recipient).

MACs are often used in the finance industry for added authentication in security practices. Large transactions of money and bank communications might use MACs if they are encrypted transmissions.

 

Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for Webopedia.com, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Virtual Private Network (VPN)

A virtual private network (VPN) encrypts a device's Internet access through a secure server. It is most frequently used for remote employees accessing a...

Gantt Chart

A Gantt chart is a type of bar chart that illustrates a project schedule and shows the dependency between tasks and the current schedule...

Input Sanitization

Input sanitization is a cybersecurity measure of checking, cleaning, and filtering data inputs from users, APIs, and web services of any unwanted characters and...

IT Asset Management Software

IT asset management software (ITAM software) is an application for organizing, recording, and tracking all of an organization s hardware and software assets throughout...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...