Message authentication check: Difference between revisions

Latest revision as of 15:26, 30 October 2005

A message authentication check, or MAC is a cryptographic check that a message is from a given origin.

Most MACs are constructed from keyed one way hash functions. The method is for the sender and receiver to agree on a symmetric key, and to then calculate:

 C = hash(K_a | message)

ipsec uses the HMAC methods, which actually calculate:

 C = hash('55555555', hash(K_a | message | 'uuuuuuuuu'))

this usage makes HMAC-MD5 and HMAC-SHA1 immune to recently discovered birthday attacks on MD5 and SHA1.

HMAC is defined in RFC 2104.

Revision as of 13:12, 30 October 2005 view source Pbug (talk \| contribs) Administrators 1,443 edits No edit summary ← Older edit		Latest revision as of 15:26, 30 October 2005 view source Frankk (talk \| contribs) 136 edits No edit summary
Line 14:		Line 14:
	attacks on MD5 and SHA1.		attacks on MD5 and SHA1.

	HMAC ~~are~~ defined in [[RFC]] 2104.		HMAC is defined in [[RFC]] 2104.

Message authentication check: Difference between revisions

Latest revision as of 15:26, 30 October 2005

Navigation menu

Page actions

Page actions

Personal tools

Search

Tools