Quiz Entry - updated: 2026.07.14
How is a MAC computed and verified, and what keys are involved?
A MAC is computed as $\text{MAC} = h(K_G, m)$ using a shared generation key, and verified by recomputing with the verification key $K_V = K_G$.
Generation (by Alice):
$$\text{MAC} = h(K_G, m)$$
Alice sends both $m$ (plaintext) and the MAC.
Verification (by Bob):
$$h(K_V, m) \stackrel{?}{=} \text{received MAC}$$
Bob recomputes the MAC using his key $K_V$ and checks if it matches.
Key relationship: $K_G = K_V$ (symmetric — same shared secret)
What MAC provides:
- Data integrity — modification is detected
- Data authenticity — only someone with the key could have generated the MAC
- Insertion protection — a forged message won't have a valid MAC
What MAC does NOT provide:
- Non-repudiation — since $K_G = K_V$, Bob could have created the MAC himself. Alice can deny sending it.
Go deeper:
HMAC — the hash-based MAC used in practice.