
What is the Difference between a Hash and MAC (Message Authentication code)?

By their definitions they seem to serve the same function.

Can someone explain what the difference is?

asked May 14 '10 17:05

Robben_Ford_Fan_boy


1 Answer

The main difference is conceptual: while hashes are used to guarantee the integrity of data, a MAC guarantees integrity AND authentication.

This means that a hashcode is blindly generated from the message without any kind of external input: what you obtain is something that can be used to check if the message got any alteration during its travel.

A MAC instead uses a private key as the seed to the hash function it uses when generating the code: this should assure the receiver not only that the message hasn't been modified, but also that whoever sent it is who we were expecting: otherwise an attacker couldn't know the private key used to generate the code.

According to Wikipedia you have that:

While MAC functions are similar to cryptographic hash functions, they possess different security requirements. To be considered secure, a MAC function must resist existential forgery under chosen-plaintext attacks. This means that even if an attacker has access to an oracle which possesses the secret key and generates MACs for messages of the attacker's choosing, the attacker cannot guess the MAC for other messages without performing infeasible amounts of computation.

Of course, despite their similarities, they are implemented in different ways: usually a MAC generation algorithm is based upon a hash code generation algorithm with an extension that takes care of using a private key.

answered Oct 14 '22 05:10

Jack
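
The distinction drawn in the answer above, as an added example that is not part of the original answer: a receiver who checks only a SHA-256 digest accepts an altered message whose digest was simply recomputed, while a receiver who checks an HMAC-SHA256 tag rejects it because the tag cannot be recomputed without the shared key. The key, messages and function names are constructed for illustration, and HMAC is used here as one common hash-based MAC.

```python
import hashlib
import hmac

# Assumption: a secret shared out of band by sender and receiver (constructed value).
KEY = b"constructed-demo-key-not-for-real-use"

def digest(message: bytes) -> str:
    """Unkeyed hash: anyone who has the message can compute this."""
    return hashlib.sha256(message).hexdigest()

def tag(key: bytes, message: bytes) -> str:
    """Keyed MAC (HMAC-SHA256): computing it requires the key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def verify_hash(message: bytes, received_digest: str) -> bool:
    return hmac.compare_digest(digest(message), received_digest)

def verify_mac(key: bytes, message: bytes, received_tag: str) -> bool:
    # compare_digest is constant-time, so the check does not leak how many
    # leading characters of the tag were correct.
    return hmac.compare_digest(tag(key, message), received_tag)

def demo() -> dict:
    original = b"pay 100 to alice"          # constructed sample message
    sent_digest = digest(original)
    sent_tag = tag(KEY, original)

    # The message is changed in transit by a party that does not hold KEY.
    altered = b"pay 900 to alice"
    recomputed_digest = digest(altered)      # possible without any secret
    wrong_key_tag = tag(b"not-the-key", altered)

    return {
        "hash_accepts_original": verify_hash(original, sent_digest),
        # Integrity check passes, yet the message is not the sender's.
        "hash_accepts_altered": verify_hash(altered, recomputed_digest),
        "mac_accepts_original": verify_mac(KEY, original, sent_tag),
        # Reusing the old tag fails: the tag is bound to the original bytes.
        "mac_accepts_altered_old_tag": verify_mac(KEY, altered, sent_tag),
        # A tag made under any other key fails as well.
        "mac_accepts_altered_wrong_key": verify_mac(KEY, altered, wrong_key_tag),
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

A bare digest only detects accidental change, or tampering when the digest itself arrives over a channel the other party cannot modify; the MAC check holds even when message and tag travel together.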