there MAC, It's not in computers MAC Address , It's message captcha （Message Authentication Code,MAC). stay Practical cryptography for developers - Hash Algorithm Talked about Hash The algorithm can check the integrity , But it can't prevent the message from being tampered with , and MAC It's designed to avoid tampering with messages .
stay Practical cryptography for developers - Hash Algorithm In this article , When it comes to cryptography, one of the uses of hash algorithms is to guarantee documents / Message integrity . For file downloads , By calculating the number of downloaded files Hash value , And the website provides Hash Value for comparison , You can determine whether the downloaded file is consistent with the original file on the website . This works for fixed usage scenarios （ The download files provided by the website are relatively fixed ）, If it's any message （ file ） Sending of , How to provide original information （ file ） Of Hash Is it worth it ？ An easy way to think of is to put Hash The value is attached to the message , Send it to the receiver together , As shown in the figure below ：
Hash Value is sent with the message
Receiver verification Hash Value and received Hash Same value , It doesn't look wrong . But what about the following scenarios ？
The attacker intercepts the message , Modify the message , The value of the digest is then calculated （ It's a public algorithm ）, Attached to the message and sent to the receiver . When the receiver receives the message , Calculate the digest value for the message , Then compare it with the received digest value , No abnormality was found , In fact, the received message has been tampered with .
By encrypting the message is a solution . But in many cases , There is no need to encrypt the message delivered , Just make sure that the message is complete and has not been tampered with , The reasons may be as follows ：
The data of the interface is not important , The privacy requirements are not high .
The encryption and decryption process consumes a lot of performance .
Another solution is MAC Algorithm .MAC Is the verification code calculated from a given key and a given message ：
auth_code = MAC(key, msg)
Both sides of the communication maintain the same key , Only those who have the key can generate and verify the message captcha . Usually , It behaves like a hash function ：
A small change in the key or key in a message MAC The value is totally different .
Change the key or message and get the same MAC Value is actually not feasible .
MAC Captcha is irreversible like hashes ： from MAC Recover the original message or key from the code .
MAC Algorithms are also known as “ Keyed hash functions ”, Because they behave like hash functions with keys .
MAC With the original message , The original message can be encrypted , You can also choose not to encrypt , Both sides of the communication will generate in the same way MAC value , And then compare them , As shown in the figure below ：
MAC Processing flow
MAC Types of algorithms
There are many problems in modern cryptography MAC Algorithm . The most popular is based on hash algorithm , for example HMAC（ Hash based MAC, for example HMAC-SHA256） and KMAC（ be based on Keccak Of MAC）. Others are based on symmetric encryption , for example CMAC（ Based on encryption MAC）,GMAC（Galois MAC） and Poly1305（Bernstein One time authenticator ）. other MAC The algorithm includes UMAC（ Based on general hash ）,VMAC（ Based on high performance packet encryption MAC） and SipHash（ Simple 、 Fast 、 Safe MAC）.
As a developer , We don't need to know so much MAC Algorithm , The key to understand HMAC（Hash-based Message Authentication Code） that will do , It's in SSL/TLS Communication is widely used .
HMAC The algorithm uses Hash Algorithm as encryption primitive ,HMAC combination Hash There are many variations of the algorithm , such as HMAC-SHA-1、HMAC-SHA256、HMAC-SHA512, In the national secret standard, it uses SM3 Hash Algorithm . Don't mistake it for HMAC The algorithm is Hash The algorithm adds a key ,HMAC The algorithm is just based on Hash Algorithm , The internal implementation is quite complicated , We don't usually need to know , Existing encryption / Decryption libraries are usually implemented HMAC Algorithm .
MAC Algorithm example
With the help of OpenSSL Command line tools , Calculation HMAC Very easy to ：
echo -n abc | openssl dgst -sha256 -hmac Passw0rd (stdin)= c12a3b777eaebdc2f98e79418f605f9b0b23064161e83aa19e3cf37c005181f3
Used in national security standards SM3 As encryption primitives , It can also be calculated from the command line ：
echo -n abc | gmssl dgst -sm3 -hmac Passw0rd (stdin)= db1ab0dda0aafbdcd53cbda95b7ecdee4a50586f92696616ab052aceea106212
MAC The purpose of the algorithm
MAC The main purpose of the algorithm ：
To prove that the news has not been tampered with , This sum Hash Similar algorithm .
The message was sent by the correct sender , That is to say, the message is validated .
Besides MAC The algorithm can also be used in the following scenarios .
be based on HMAC Key derivation of (HMAC-based key derivation,HKDF)
Key derivation function （KDF） Is to convert a variable length password into a fixed length key （ Bit sequence ） The function of ：
function(password) -> key
A very simple one KDF function , We can use SHA256： Hash only passwords . But don't do this , Because it's not safe , Simple hashes are vulnerable to dictionary attacks .
As more complicated KDF function , We can do this by using something called “ salt ” Random value calculation of HMAC（salt,msg,SHA256） To generate passwords , The random value is stored with the exported key , Later used to export the same key from the password again .
be based on MAC The pseudo-random generator of
We can “ salt ”（ Constant or current date and time or other randomness ） And seed （ Last generated random number , for example 0） Start , Calculation next_seed：
next_seed = MAC(salt, seed)
After each calculation , The next pseudo-random number will be “ Random change ”, We can use it to generate the next random number in a specific range .
In this paper, we introduce message captcha , Message captcha makes up for a single Hash The lack of algorithm , Make sure the message is not tampered with . The next section introduces MAC Types and uses of algorithms . In the next article , We will introduce the random number generator in cryptography , Stay tuned ！