• Message Authentication
  • Authenticates a message
  • Helps receiver of the message can verify that it is coming from the stated sender
  • Also helps receiver to verify that the data was not changed during transfer.
  • To generate a MAC sender needs a message and a secret key.
  • To verify the MAC the receiver also needs the message and the same secret key.
  • MAC is different from a Message Digest in the sense that it can detect if the message was changed in any way.
  • MACs vary from Digital Signatures in the way that Signatures use Asymmetric Encryption.

MAC Function Security

MAC function is considered secure if it can protect against:
  1. Universal Forgery Attack: Attacker can generate a valid MAC for any data.
  1. Selective Forgery Attack: Correct MAC for a particular message.
  1. Existential Forgery Attack: Finding a pair of any message and it’s corresponding MAC and replaying it.
  1. Existential Forgery under a chosen-message Attack
HMAC → Hash based MAC
A MAC generated by a Hash is called by the name of the Hash function, like, HMAC-SHA-256

Combining MAC And Encryption

  • Encrypt-then-MAC(EtM)
  • Encrypt-and-MAC(E&M) Plaintext is encrypted, but MAC is calculated on the plaintext, rather on the ciphertext.
  • MAC-then-Encrypt(MtE)
EtM is regarded as the most secure scheme provided a strong MAC function was used.
However, authenticated encryption modes such as AES-GCM or ChaCha20-Poly1305 are becoming quite popular now. Authenticated encryption modes provide authentication as one of their core features and do not require separate authetnication operations such as running an HMAC function.
TLS 1.2 authenticated encryption is used.
TLS 1.3 only authenticated ciphers remained to be used. However HMAC is still used in TLS 1.3 as the basis ofr a Pseudorandom Function for key exchange.

Calculate HMAC

  • Let’s generate random file
    • seq 20000 > hmac-plain.txt
  • Let’s generate a secret key or HMAC
    • openssl rand -hex 32 openssl rand -hex 32 7d2b9effb060d661dfdeed2e0d52f019aff26aebb6312673bb490aa4f1cf9252
  • Now let’s calculate the HMAC
    • openssl dgst -sha-256 -mac HMAC -macopt hexkey:<secret-key> hmac-plaint.txt openssl dgst -sha-256 -mac HMAC -macopt hexkey:7d2b9effb060d661dfdeed2e0d52f019aff26aebb6312673bb490aa4f1cf9252 hmac-plaint.txt HMAC-SHA2-256(hmac-plaint.txt)= e44f93fdd005a92e24af974ecd2ab9cd9e74b2bc1b3afe2a9cf51d7ec4757c8b
      openssl mac -digest SHA-256 -macopt hexkey:<secret-key> -in hmac-plain.txt openssl mac -digest SHA-256 -macopt hexkey:7d2b9effb060d661dfdeed2e0d52f019aff26aebb6312673bb490aa4f1cf9252 -in hmac-plaint.txt HMAC E44F93FDD005A92E24AF974ECD2AB9CD9E74B2BC1B3AFE2A9CF51D7EC4757C8B