What is the difference between MAC and Hash function in Information Security?

MAC

MAC stands for Message Authentication Code. It is also defined as a tag. It can be used to authenticate the origin and characteristics of a message. MACs need authentication cryptography to check the legitimacy of information sent through a network or moved from one person to another.

A MAC is created by a keyed secure hash function on a message. It can be used to provide the integrity of the message such that if a message secured by a MAC is tampered, it can be identified by comparing the MAC contained with in the message and the recalculated MAC.

Message authentication codes are generally needed to create any type of financial account. Banks, brokerage firms, trust organization, and some other deposit, investment, or insurance organization that provide online access can use these codes. They are an important component of financial cryptography.

A MAC is also called a keyed hash. A MAC may or may not be generated from a hash function though HMAC and KMAC are keyed hashes that based on a basic hash function, while AES-CMAC is one that relies on the AES block cipher, as the name indicate.

Message authentication codes are also one-way, but it is required to understand both the key as well as the message to produce the MAC value. Because of this they can be used to support message integrity and message authenticity, much like ensure one-way hashes in signatures.

For the other party or parties to check the MAC they of course also require the same (thus symmetric) key. That also define that they can produce an authentication tag themselves; a specific level of trust is needed by the parties that implement the verification.

Hash Function

A one-way hash function is a function where it cannot receive any data about the input message by implementing calculations. Generally one-way hash functions are known as cryptographically secure hash functions. Examples are SHA-256 and SHA- 512 and other SHA-2 derivatives and as expected the next introduced SHA-3 family of hashes.

MD5 and SHA-1 are also one-way hash functions. They are not treated to be secure anymore as hash collisions can be produced. Hash functions can be used to support message integrity and authenticity, but the value of the hash should be trusted.

Therefore, an attacker can only make a hash over a different message and use that to restore the original hash. This trust can be supported by a private key calculation (a signature). Another method is to store the hash on a trusted site, so that it can check the integrity of files put on a mirror.

Ginni

Updated on 14-Mar-2022 07:33:37

• Related Questions & Answers
• What is Cryptographic Hash function in Information Security?
• What is MAC in Information Security?
• What is the difference between Physical Security and Logical Security in information security?
• What are the requirement of hash function in Information Security?
• What is the difference between SHA and MD5 in Information Security?
• What is the difference between Hashing and Encryption in Information Security?
• What is the difference between Confusion and Diffusion in information security?
• What is the difference between Encryption and Steganography in Information Security?
• Difference between Cyber Security and Information Security
• What is the difference between SOAP and RESTful Web Services in information security?
• What is the difference between memory card and smart card in information security?
• What is the difference between Linear Cryptanalysis and Differential Cryptanalysis in Information Security?
• What is the difference between Software Security and Cyber Security?
• Difference between Cyber Security and Information Security in Computer Networks?
• What is the difference between Privacy and Security?