Just like in cryptography in general, there is also variability and choice in MAC algorithms. Here are a few algorithms with their intended uses that you might come across!
Various MAC algorithms
- HMAC (Hash-based Message Authentication Code): The most common and widely supported MAC algorithm. Provides strong security and is easy to use.
- UMAC (Universal MAC): Similar to HMAC, but slightly faster. Security level is the same.
- CMAC (Cipher-based MAC): Designed specifically to be used with the AES encryption algorithm. Provides strong security.
- GMAC (Galois/Counter Mode MAC): Based on the AES encryption algorithm and provides excellent performance. The security level is very high.
- Poly1305: A newer algorithm that offers excellent performance and competitive security.
Choosing the right MAC algorithm
The choice depends on your needs:
- Safety: HMAC, CMAC, GMAC, and Poly1305 provide strong security. UMAC is slightly faster than HMAC.
- Performance: UMAC and Poly1305 are faster than HMAC and CMAC. GMAC provides the best performance.
- Compatibility: HMAC is the most widely supported. UMAC, CMAC, and GMAC are less common. Poly1305 is the newest and may not be as widely supported.
- Application: HMAC is suitable for most applications. UMAC and Poly1305 are suitable for performance-critical applications. CMAC is suitable for use with AES. GMAC and Poly1305 are suitable for highly demanding applications.
Avoid these
- HMAC-MD5: Outdated and weak. Use HMAC-SHA256 or stronger.
- CBC-MAC (Cipher Block Chaining MAC): Weak and vulnerable to attacks. Use CMAC or GMAC.
Ready to become an ethical hacker?
Start today.
As a member of Hakatemia you get unlimited access to Hakatemia modules, exercises and tools, and you get access to the Hakatemia Discord channel where you can ask for help from both instructors and other Hakatemia members.