Message authentication code – link to Sequence number

It is not possible to add the new link because it would replace an existing, longer link.

Line 4: Line 4:
<ref><!--<ref group="SJVKJJLSGVHS">-->{{Citation|title=Mac® Security Bible|date=2011-11-01|pages=1–26|chapter=Mac Security Overview|publisher=Wiley Publishing, Inc.|doi=10.1002/9781118257739.ch1|isbn=9781118257739}}</ref> In this example, the sender of a message runs it through a MAC algorithm to produce a MAC data tag. The message and the MAC tag are then sent to the receiver. The receiver in turn runs the message portion of the transmission through the same MAC algorithm using the same key, producing a second MAC data tag. The receiver then compares the first MAC tag received in the transmission to the second generated MAC tag. If they are identical, the receiver can safely assume that the message was not altered or tampered with during transmission ([[data integrity]]).
<ref><!--<ref group="SJVKJJLSGVHS">-->{{Citation|title=Mac® Security Bible|date=2011-11-01|pages=1–26|chapter=Mac Security Overview|publisher=Wiley Publishing, Inc.|doi=10.1002/9781118257739.ch1|isbn=9781118257739}}</ref> In this example, the sender of a message runs it through a MAC algorithm to produce a MAC data tag. The message and the MAC tag are then sent to the receiver. The receiver in turn runs the message portion of the transmission through the same MAC algorithm using the same key, producing a second MAC data tag. The receiver then compares the first MAC tag received in the transmission to the second generated MAC tag. If they are identical, the receiver can safely assume that the message was not altered or tampered with during transmission ([[data integrity]]).


However, to allow the receiver to be able to detect [[replay attack]]s, the message itself must contain data that assures that this same message can only be sent once (e.g. time stamp, [[Cryptographic nonce|sequence number]] or use of a [[#One-time_MAC|one-time MAC]]). Otherwise an attacker could – without even understanding its content – record this message and play it back at a later time, producing the same result as the original sender.
However, to allow the receiver to be able to detect [[replay attack]]s, the message itself must contain data that assures that this same message can only be sent once (e.g. time stamp, [[sequence number]] or use of a [[#One-time_MAC|one-time MAC]]). Otherwise an attacker could – without even understanding its content – record this message and play it back at a later time, producing the same result as the original sender.