Danni-Tech

Making the Complicated Simple

  • Key Points from This Video on MAC/HMAC – Data Integrity:
    • Data Integrity Defined:
      Data integrity ensures that data has not been altered during transit.
      • Scenario: John and Susie Example:

        • John wants to send data to Susie while ensuring it’s not modified in transit.
        • They establish a mutual secret key (a set of ones and zeros).
        • John combines the secret key with the data and runs it through a hashing algorithm to create a digest.
        • He sends both the message and the digest to Susie.
        • Susie uses the same secret key to recalculate the digest.
        • If both digests match, it proves:
          • Data Integrity: The data wasn’t altered during transit.
          • Authentication: Only John and Susie have access to the secret key, confirming the sender’s identity.
      • What is a MAC (Message Authentication Code)?

        • A MAC is created by combining a message with a secret key and hashing the result.
        • It provides both integrity and authentication.
      • What is HMAC (Hash-based Message Authentication Code)?

        • HMAC is the standard method for creating a MAC.
        • It’s defined by RFC 2104, which explains how to combine a message with a secret key securely.
      • Summary:

        1. A hashing algorithm takes an input (message) and produces a digest.
        2. A MAC takes a message + secret key as input and produces a digest, ensuring data integrity and authentication.
        3. HMAC is the specific process used to create a MAC.
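
The John and Susie exchange above, as an added Python example that is not taken from the video. It builds HMAC-SHA256 by hand following the RFC 2104 construction, checks it against Python's standard `hmac` module, and shows Susie rejecting an altered message. The key, the messages and the function names are constructed for illustration.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 input block size in bytes ("B" in RFC 2104)

def hmac_sha256_rfc2104(key: bytes, message: bytes) -> bytes:
    """RFC 2104: H((K xor opad) || H((K xor ipad) || message))."""
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()   # keys longer than a block are hashed first
    key = key.ljust(BLOCK_SIZE, b"\x00")     # then zero-padded to exactly one block
    ipad = bytes(b ^ 0x36 for b in key)      # inner pad
    opad = bytes(b ^ 0x5C for b in key)      # outer pad
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()

def john_send(key: bytes, message: bytes) -> tuple[bytes, bytes]:
    """Sender side: return the message together with its digest."""
    return message, hmac.new(key, message, hashlib.sha256).digest()

def susie_verify(key: bytes, message: bytes, digest: bytes) -> bool:
    """Receiver side: recalculate the digest with the shared key and compare."""
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # compare_digest runs in constant time, so the comparison itself
    # does not leak how many leading bytes of the digest matched.
    return hmac.compare_digest(expected, digest)

# Constructed sample values (not from the video).
SHARED_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
MESSAGE = b"Transfer 100 to account 42"
ALTERED = b"Transfer 900 to account 42"

if __name__ == "__main__":
    msg, digest = john_send(SHARED_KEY, MESSAGE)
    print("digest:", digest.hex())
    print("hand-built HMAC matches library:",
          hmac_sha256_rfc2104(SHARED_KEY, msg) == digest)
    print("unmodified message accepted:", susie_verify(SHARED_KEY, msg, digest))
    print("altered message accepted:", susie_verify(SHARED_KEY, ALTERED, digest))
    print("wrong key accepted:", susie_verify(b"not the shared key", msg, digest))
```
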