S (signing) outputs a tag t on the key k and the input string x.G (key-generator) gives the key k on input 1 n, where n is the security parameter.įormally, a message authentication code ( MAC) system is a triple of efficient algorithms ( G, S, V) satisfying: It should be computationally infeasible to compute a valid tag of the given message without knowledge of the key, even if for the worst case, we assume the adversary knows the tag of any message but the one in question. That is, return accepted when the message and tag are not tampered with or forged, and otherwise return rejected.Ī secure message authentication code must resist attempts by an adversary to forge tags, for arbitrary, select, or all messages, including under conditions of known- or chosen-message. A verifying algorithm efficiently verifies the authenticity of the message given the key and the tag.A signing algorithm efficiently returns a tag given the key and the message.A key generation algorithm selects a key from the key space uniformly at random.Informally, a message authentication code system consists of three algorithms: RFC 4949 recommends avoiding the term message integrity code (MIC), and instead using checksum, error detection code, hash, keyed hash, message authentication code, or protected checksum. However, some authors use MIC to refer to a message digest, which aims only to uniquely but opaquely identify a single message. The term message integrity code (MIC) is frequently substituted for the term MAC, especially in communications to distinguish it from the use of the latter as media access control address ( MAC address).
0 kommentar(er)
