Authentication Code

From MgmtWiki
Revision as of 12:03, 6 September 2025 by Tom (talk | contribs) (Tom moved page "Authentication Code" to Authentication Code)

Jump to: navigation, search

Definition

https://csrc.nist.gov/projects/message-authentication-codes

An Authentication Code is a short piece of information — usually generated by a cryptographic algorithm — that proves a message or transaction is genuine and hasn’t been altered.

In formal cryptography terms, it’s most often a **Message Authentication Code (MAC)**:

- **Definition (NIST)**: A **keyed cryptographic checksum** based on an approved security function. - **Purpose**: 

 1. **Authenticity** — Confirms the message came from the claimed sender.  
 2. **Integrity** — Confirms the message wasn’t changed in transit.

Solution

 1. Sender and receiver share a **secret key**.  
 2. Sender runs the message + key through a MAC algorithm to produce the authentication code (tag).  
 3. Receiver runs the same algorithm with the same key; if the tag matches, the message is accepted as authentic.

- **Security property**: Without the secret key, it should be computationally infeasible to forge a valid code for any new message.

Example in practice

  • In HTTPS, TLS uses MACs (or AEAD modes with built‑in authentication) to ensure that encrypted packets haven’t been tampered with.
  • In APIs, an authentication code might be an HMAC (Hash‑based MAC) attached to each request.


References

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Authentication_Code&oldid=24992"