LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What is a Message Authentication Code (MAC), and what security properties does it provide?

A MAC is a cryptographic checksum computed with a symmetric key (m = MAC_k(x)); it provides message integrity and message authentication, but — being symmetric — no non-repudiation.

The scenario it solves: send a message over an insecure channel where (a) nobody may alter it undetected, (b) the receiver is sure who it came from, but (c) eavesdropping is tolerated (MACs don't provide confidentiality).

How it works: Alice computes m = MAC_k(x) and sends (x, m); Bob recomputes m' = MAC_k(x) and accepts if m == m'.

The six summary properties:

  1. Cryptographic checksum — a secure checksum for a message
  2. Symmetric — sender and receiver share one secret key
  3. Arbitrary message length accepted
  4. Fixed checksum length output
  5. Message integrity — any change to x changes the checksum
  6. Message authentication — only someone with the key can produce the correct checksum

The key limitation — no non-repudiation: because the key is shared, you cannot prove to a third party who created the MAC (either party could have). For provable authorship you need digital signatures (asymmetric). MACs are faster than signatures (built from block ciphers or hash functions), which is why protocols like TLS and IPsec use them.

Go deeper:

  • doc HMAC (Wikipedia) — the standard hash-based MAC construction, its symmetric key + integrity properties, and why it is used in TLS/IPsec.

From Quiz: MOBINFSEC / GSM & LTE Security Infrastructure | Updated: Jul 05, 2026