Message Authentication Code (MAC)

A message authentication code (abbreviated MAC), used in symmetric cryptography, is attached to a message so that a recipient can verify that it wasn’t tampered with during transmission. This is also known as a MAC tag.

To create a MAC for a cryptographic message, the initial sender uses a generic algorithm (called a MAC algorithm) or set of algorithms to produce the MAC and an encryption key. The recipient also passes the received message through the same MAC algorithm. If they generate the same code as the one that came with the message, they can assume the message comes from a legitimate sender and hasn’t been changed in transit.

Before beginning the MAC sequence, the sender and receiver must have established an encryption key as part of verifying the MAC. One drawback to codes or tags for security is that the sender cannot verify that they were the first one to send a MAC with a message, because both sender and receiver use the same MAC algorithm and secret key. Thus, no one can prove who sent the message first. The ability to prove who owns an initial message is known as non-repudiation, and MAC algorithms don’t permit it. Digital signatures, in contrast, allow the sender to show that they sent a message because they used a private key that only they possess.

MACs should be able to indicate that the sent message can only be transmitted one time, eliminating the chance of a replay attack (in which an attacker resends a message to a recipient).

MACs are often used in the finance industry for added authentication in security practices. Large transactions of money and bank communications might use MACs if they are encrypted transmissions.

 

Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for Webopedia.com, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.

Related Articles

Phishing

What is phishing? Phishing is a type of cybercrime in which victims are contacted by email, telephone, or text message by an attacker posing as...

Photo Editing Software

Photo editing software is used to manipulate or enhance digital images. This category of software ranges from basic apps, which are able to apply...

SOHO Business Solutions: Free Email Marketing Services

Just like big businesses, SOHO (small office/home office) owners can leverage email marketing systems to communicate with customers, partners and employees. Just like big businesses,...

Fintech

Fintech, also known as "financial technology," is a term used to describe companies that use innovative technology to create more efficient, transparent, and cost-effective...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...