Stack Overflow
Stack Overflow

Questions tagged [message-authentication-code]

A MAC (message authentication code) is a cryptographic value that guarantees the authenticity of a message

A message authentication code (MAC) is a cryptographic primitive that calculates an authentication tag from a secret key and a message. The tag guarantees the authenticity of the message: only a party that has the secret key can compute a valid tag.

There are two common types of MAC functions:

In public-key cryptography, authentication can be performed with signatures: generating the signature of a message requires the private key, but the signature can be verified with just the public key. This is in contrast with MAC where the same key is used to generate or verify the tag. MAC are sometimes called “signatures”, while other authors reserve the word “signature” for asymmetric cryptography.

14 questions
4
votes
1 answer

Can the value from node crypto.createCipheriv('aes-256-gcm', ...).getAuthKey() be public?

I'm having trouble finding some information. Does anyone know if the value returned from cipher.getAuthTag() (--> returns MAC) can be publicly visible? TL;DR Can a message authentication code be publicly visible, or does this need to be kept secret…
tuffant21
  • 441
  • 3
  • 10
4
votes
3 answers

CMAC why K1 and K2

http://en.wikipedia.org/wiki/CMAC http://www.rfc-archive.org/getrfc.php?rfc=4493 There are two keys K1 and K2. Are there any other reasons, beside that messages 1 differs from 10^127 (1 and 127 zeroes) If message carries length (and length is also…
Luka Rahne
  • 10,336
  • 3
  • 34
  • 56
3
votes
2 answers

Mifare Desfire Wrapped Mode: How to calculate CMAC?

When using Desfire native wrapped APDUs to communicate with the card, which parts of the command and response must be used to calculate CMAC? After successful authentication, I have the following session key: Session Key:…
Mohammad Banisaeid
  • 2,376
  • 27
  • 35
3
votes
1 answer

AES CMAC Calculation C#

I know MAC is 4 first byte of last block encryption, and found this CMAC explanation here but it's kinda hard to understand. And maybe there are already some CMAC AES questions but I'm sorry I can't understand it well. Anyone can explain how to…
Abraham Putra Prakasa
  • 598
  • 3
  • 8
  • 22
3
votes
1 answer

MAC and CMAC calculation for Mifare Desfire

Could anyone help me guide the calculation of MAC(4bytes) and CMAC(8bytes) for Mifare Desfire? I am getting unexpected results. Deskey = 0000000000000000 Block1(B1) = 1122334455667788 Block2(B2) = 9900112200000000 IV = …
Studuino
  • 118
  • 2
  • 9
1
vote
1 answer

Problem with calculating HMAC of a string with python

I am trying to write a program that calculates hmac of a string. I am allowed to use hashlib library but not hmac. Here is my code: from hashlib import sha256 def string_to_decimal(string): res = '' for char in string: res +=…
ssaf
  • 86
  • 1
  • 6
1
vote
0 answers

Having issues with R function BitXWor Error in vector?

The following is my current functions ________Sbox Function______ > Sbox2 <- function(b) > { b <- unlist(strsplit(b, "")) tempVal <- unbinary(paste(b[2:4], collapse = '')) tempRet <- ifelse((b[1] == > "0"), S11[tempVal + 1],…
Zaid Islam
  • 29
  • 3
1
vote
2 answers

Why does Laravel need a message authentication code (MAC) for it's Encryption?

Laravel documentation says All of Laravel's encrypted values are signed using a message authentication code (MAC) so that their underlying value can not be modified once encrypted. In practice it means that the payload is accompanied with a little…
Yevgeniy Afanasyev
  • 37,872
  • 26
  • 173
  • 191
1
vote
1 answer

Nested JWS + JWE vs JWE with Authenticated Encryption

Problem I want to sign and encrypt (effectively, obfuscate) some information ('token') on my server (a trusted environment) and send the cyphertext to a client machine (not quite trusted environment) to be read and verified by my client-side…
Alexey
  • 9,197
  • 5
  • 64
  • 76
0
votes
1 answer

HMAC SHA256, inner hash works but outer hash fails

I'm experiencing a problem integrating the output of my SHA256 with HMAC. The first/'inner' SHA256 matches the expected output but the second/'outer' does not. I am following the first example…
intrigued_66
  • 16,082
  • 51
  • 118
  • 189
0
votes
0 answers

Does an HMAC in an automated system provide any practical protection that a normal hash can't assuming proper parsing?

From my research on using HMAC, it protects against length extension attacks on Merkle-Damgård hash algorithms. Is an HMAC only useful in the circumstance that the message syntax allows for lengthening and the key precedes the message when…
drowsily.throbbing872
  • 21
  • 2
0
votes
1 answer

Instamojo Message Authentication Code in Webhook Comparing Issue

I am integrating INSTAMOJO payment gateway in my application. I am using MAC verification on webhooks response from INSTAMOJO site. Available tutorial is only for Php and Python. But I'm implementing it using NodeJs (ExpressJs). I have attached my…
Ismail Raza
  • 1
  • 1
0
votes
1 answer

Openssl Command Line for Triple DES HMAC like C# MACTripleDES

Can anyone explain how to make a TDES MAC in OpenSSL command line? I am trying to duplicate some functionality of a working C# program in C for the OpenSSL API, and am having trouble duplicating the .Net MACTripleDES.ComputeHash function in…
Larry Martin
  • 89
  • 1
  • 10
0
votes
0 answers

SHA-256 Execution time is less than HmacSHA256 in java

I want to compare sha256 and "Hmac with sha256" execution time. public static void main(String[] args) throws NoSuchAlgorithmException, UnsupportedEncodingException { // TODO code application logic here byte[] data =…
niloofar
  • 1
  • 1