Message Authentication Code

Dear Readers,

Message Authentication Code (MAC), also referred to as a tag, is used to authenticate the origin and nature of a message. MACs use authentication cryptography to verify the legitimacy of data sent through a network or transferred from one person to another.

In other words, MAC ensures that the message is coming from the correct sender, has not been changed, and that the data transferred over a network or stored in or outside a system is legitimate and does not contain harmful code. MACs can be stored on a hardware security module, a device used to manage sensitive digital keys.

How Does a Message Authentication Code Work?

The first step in the MAC process is the establishment of a secure channel between the receiver and the sender. To encrypt a message, the MAC system uses an algorithm, which uses a symmetric key and the plain text message being sent. The MAC algorithm then generates authentication tags of a fixed length by processing the message. The resulting computation is the message’s MAC.

This MAC is then appended to the message and transmitted to the receiver. The receiver computes the MAC using the same algorithm. If the resulting MAC the receiver arrives at equals the one sent by the sender, the message is verified as authentic, legitimate, and not tampered with.

In effect, MAC uses a secure key only known to the sender and the recipient. Without this information, the recipient will not be able to open, use, read, or even receive the data being sent. If the data is to be altered between the time the sender initiates the transfer and when the recipient receives it, the MAC information will also be affected.

Therefore, when the recipient attempts to verify the authenticity of the data, the key will not work, and the end result will not match that of the sender. When this kind of discrepancy is detected, the data packet can be discarded, protecting the recipient’s system.

Types of Message Authentication Codes

Although all MACs accomplish the same end objective, there are a few different types.

1. One-time MAC

A one-time MAC is a lot like one-time encryption in that a MAC algorithm for a single use is defined to secure the transmission of data. One-time MACs tend to be faster than other authentication algorithms.

2. Carter-Wegman MAC

A Carter-Wegman MAC is similar to a one-time MAC, except it also incorporates a pseudorandom function that makes it possible for a single key to be used many times over.


With a Keyed-Hash Message Authentication Code (HMAC) system, a one-way hash is used to create a unique MAC value for every message sent. The input parameters can have various values assigned, and making them very different from each other may produce a higher level of security.

About Ambimat Electronics:

With design experience of close to 4 decades of excellence, world-class talent, and innovative breakthroughs, Ambimat Electronics is a single-stop solution enabler to Leading PSUs, private sector companies, and start-ups to deliver design capabilities and develop manufacturing capabilities in various industries and markets. AmbiIoT design services have helped develop SmartwatchesSmart homesMedicalsRobotics, RetailPubs and brewerySecurity 

Ambimat Electronics has come a long way to become one of India’s leading IoT(Internet of things) product designers and manufacturers today. We present below some of our solutions that can be implemented and parameterized according to specific business needs. AmbiPay, AmbiPower, AmbiCon, AmbiSecure, AmbiSense, AmbiAutomation.

To know more about us or what Ambimat does, we invite you to follow us on LinkedIn or visit our website.


MINDBODY – Mobile credit card swiper – UNIIMAG II (Android)
Mobile Payments: What is NFC Card Emulation Mode?