Really basic question, but what is the purpose of using a MAC/HMAC when you are encrypting using a symmetric key algorithm?

It is my understanding that the purpose of a MAC is to authenticate the sender by the use of a shared key, but if you are encrypting using a shared key algorithm, doesn't that provide the authentication, without the need for a MAC?

Am I right in thinking the main purpose of using one is for the 'integrity' aspect, rather than any authentication?

Thanks.

RJSmith92
  • Is not [this post](http://security.stackexchange.com/questions/14858/mac-vs-encryption) helpful? – Oct 17 '15 at 08:31
  • Thanks @Begueradj, it has answered my question. Quick side question regarding the chosen answer from your link. They say without the MAC that 'An attacker could alter the ciphertext to make it say something else when decrypted.' If the attacker can alter the encrypted text, couldn't the attacker alter the ciphertext and the hash in the encrypted message so they match? Or is this beyond the realm of what is realistically possible? Thanks. – RJSmith92 Oct 17 '15 at 09:11
  • Just because the attacker can alter the ciphertext doesn't mean they necessarily have the key. But they can't change the MAC without knowing the secret used with it. – Neil Smithline Oct 17 '15 at 21:08
  • @NeilSmithline I appreciate they don't have the key, but if they can alter the ciphertext without the key, can they not alter the MAC without the key? When the attacker alters the ciphertext without the key, do they know what they are changing so they can control what it will read when decrypted? – RJSmith92 Oct 18 '15 at 02:43
  • Doesn't matter if they know or not. They can't get the MAC correct without knowing the secret. – Neil Smithline Oct 18 '15 at 02:45
  • @NeilSmithline I was about to delete my comment because it just clicked. Thanks again for the help. – RJSmith92 Oct 18 '15 at 02:49
  • @NeilSmithline Sorry to bother you again, just quickly, when they said 'An attacker could alter the ciphertext to make it say something else when decrypted.', if they don't know the key what can they change it to? I understand they could alter it so that when it's decrypted it comes out as a load of gibberish, but can they alter it knowing what it will come out as once decrypted? Surely that would need the key? – RJSmith92 Oct 18 '15 at 05:28
  • Now you're getting into more detail than I know about cryptanalysis. See https://en.m.wikipedia.org/wiki/Ciphertext-only_attack. It's complicated but the answer is not necessarily. – Neil Smithline Oct 18 '15 at 05:31
