Message—Authentication Code Algorithms

Message Authentication Code (MAC) algorithms are a fairly crucial component of most online protocols. They ensure the authenticity of the message between two or more parties to the transaction. MAC algorithms work in much the same context as symmetric ciphers. They are fixed algorithms that accept a secret key that controls the mapping from input to the output. To help developers implement interoperable MAC functions in their products, NIST has standardized two different forms of MAC functions. The first to be developed was the Hash Message Authentication Code (HMAC) that described a method of safely turning a one-way collision resistant hash into a MAC function. The second standard developed by NIST was the cipher message authentication code (CMAC) standard. Oddly enough, CMAC falls under “modes of operations” on the NIST Web site and not a message authentication code. CMAC is intended for message authenticity. Unlike HMAC, CMAC uses a block cipher to perform the MAC function and is ideal in space-limited situations where only a cipher will fit.