MAC / HMAC - Message Authentication Code / Hash Bashed Message Authentication Codes

there's a common misconception in the world of online security that implies that if you Hash a packet as you send it across a wire that that's enough to determine if any changes are made in transit but that's not true at all let's talk about [Music] it hey folks welcome to another video in my cryptography Series in this video we're going to continue to explore symmetric cryptography and talk about message authentication codes and in the process we'll also get to discuss hmax a Max is the concept of combining a message with a secret key before hashing

the purpose is to detect alterations of the message or the digest now I know that sounds a lot like the definition and purpose I gave you for hashing earlier in the series but the thing to keep in mind is that hashing alone when you're sending packets across a wire is not enough and to understand Max you have to understand that point so first I want to show you just why hashing alone is not enough for sending packets across the wire let's say you have these two us and the blue user has a message that it

wants to send to the green user a lot of folks think that all the blue user needs to do is simply hash the message to create a digest then send the message and the digest across the wire the theory is that the receiving user can then also hash the message to result in a digest and compare the digest they calculated with the digest that was sent on The Wire theoretically indicating that no one has modified the message in transit but that won't actually work let me show you why let's say you have an attacker sitting

in the middle between this blue user and the green user and let's say this attacker captures the message and digest as it's being sent on The Wire if this red user wants to send a spoofed message all they have to do is change the message and then recalculate the digest remember anyone can do hashing the hashing algorithms are all public knowledge so it's very easy for the red user to calculate a digest on the modified message if the red user then forwards this message to the green user the green user is then going to calculate

a hash on the modified message and that's going to result in the same digest that was sent with a message calculated by the red user so that is why hashing alone is not enough to send packets securely across the wire now some of you might be thinking that's why you also need encryption and while it's true you do need encryption to send something securely across a wire technically encryption is solving a different problem encryption is solving the problem of confidentiality whereas here we're trying to solve the problem of Integrity so at the moment we're not

concerned that anyone one can read the message but we are concerned that we can detect If the message was changed in transit let me show you how a Mac solves this problem with Max the idea is that when this user has a message it wants to send across the wire it's going to combine that message with a secret key before doing the hashing then the digest and the message are both sent across the wire notice the secret key is not sent across the wire the green user happens to also have a copy of the same

secret key they will then also combine that secret key with the message to calculate a digest and if this message hasn't changed in transit this resulting digest will match the digest that was sent by the blue user this creates a system in which only Whoever has the secret key can create a digest that will be accepted this gives us not only Integrity but also authentication of anything sent on The Wire we have integrity because had this message changed the green user would have ended up with a different digest and we have authentication because we know

the only person that could have created this diges is anyone that had the same secret key which should be only the other party in this communication of course the question of how they got the same secret key to begin with is very interesting it's sometimes called the key exchange prom and we'll be talking about solutions to that prom later on in the series when we discuss key exchanges so in the end that is how using a Mac or the concept of combining a message with a secret key before hashing can be used to ensure that

a message or a digest has not been modified in transit okay so that's the definition of a Mac but we haven't yet defined an hmac we'll be talking about that next both of our users combine the key plus the message when they calculated their digest remember with hashing if there are any difference in any of this the resulting digest will be different so what if this green user instead of combining the key plus the message decided to combine the message plus the key well since this is different than this the resulting digest would also be

different and then even though the message hasn't been changed and the key is correct the resulting digest will never match the digest that was sent on The Wire that is where an hmac comes into play and hmac is merely a standard way of combining a message and a key so what that means is that if these two users want to speak in a way that guarantees the Integrity of what they sent they not only have to agree upon using the concept of combining a message and a key they also have to agree on combining that

message and a key in a specific way and hmac is merely a standard way of combining a message and a key you can look up the instructions in RFC 2104 it includes all the instructions for exactly how you can combine a message and a key in order to guarantee Integrity of that message the main idea here is a Mac is the concept of combining a message and a key whereas an hmac is simply a specific way of doing that combination the formula to calculate a Mac requires a message and a secret key and the result

is called the message authentication code for this message the result of a Mac is sometimes still called a digest and that's fair because you are still hashing but as long as you understand that you're doing more than just hashing as far as specific algorithms there isn't really an older Mac that you need to be aware of the hmac was created in 1997 and has since then become the standard way of doing a Mac paully 1305 exists in the TLs world and that is also another way of combining a message and a secret key in the

future you'll see Max done done with these two GCM and CCM but those aren't technically Mac algorithms they are aead ciphers and aead includes both encryption and Mac in a single step so these two do more than just macing for pure Mac algorithms these are the two you want to know about that wraps up our lesson on Max and hmax in the next lesson we'll be looking at pseudo random functions but that's it for this lesson thank you for watching this video I hope you enjoyed it and we see you in the next one oh

[Music]