Authentication Code

From MgmtWiki
(Redirected from "Authentication Code")
Jump to: navigation, search

Definition

https://csrc.nist.gov/projects/message-authentication-codes

An Authentication Code is a short piece of information — usually generated by a cryptographic algorithm — that proves a message or transaction is genuine and hasn’t been altered.

In formal cryptography terms, it’s most often a **Message Authentication Code (MAC)**:

  • Definition (NIST): A **keyed cryptographic checksum** based on an approved security function.
  • Purpose 
 1. **Authenticity** — Confirms the message came from the claimed sender.  
 2. **Integrity** — Confirms the message wasn’t changed in transit.

Solution

 1. Sender and receiver share a **secret key**.  
 2. Sender runs the message + key through a MAC algorithm to produce the authentication code (tag).  
 3. Receiver runs the same algorithm with the same key; if the tag matches, the message is accepted as authentic.
  • Security property: Without the secret key, it should be computationally infeasible to forge a valid code for any new message.

Example in practice

  • In HTTPS, TLS uses MACs (or AEAD modes with built‑in authentication) to ensure that encrypted packets haven’t been tampered with.
  • In APIs, an authentication code might be an HMAC (Hash‑based MAC) attached to each request.

References

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Authentication_Code&oldid=24997"