Message Authentication Codes
A Message Authentication Code (MAC) is a tag or checksum that is appended to a message to ascertain its authenticity and integrity. Authentication is provided by possession of a secret key, and integrity is provided by detecting accidental or intentional changes in the message. The following figure illustrates the working of a MAC:
A MAC can be generated using different methods: by using a one-time pad or one-time secret key, by using a hash function, by using a stream cipher, or by using a block cipher and outputting the final block as a checksum. An example of the last method is DES with the CBC mode.
A hash function is used to create a checksum called a Hashed MAC (HMAC). This hash is then encrypted with a symmetric key and appended to the message. This is the most popular method of generating a MAC. Some examples of this kind of MAC are AES 128 with SHA1 and AES 256 with SHA1.
Android provides the capability to generate an HMAC by using the javax.crypto.Mac class...
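A minimal use of javax.crypto.Mac, added here as an example and not taken from the original page: the sender computes an HMAC tag over the message, and the receiver recomputes it with the shared key and compares. The HmacSHA256 algorithm name, the class and method names, and the key and messages are assumptions constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class HmacExample {
    // Assumption of this example: HMAC over SHA-256 (standard name "HmacSHA256").
    private static final String ALGORITHM = "HmacSHA256";

    // Sender side: compute the tag that is appended to the message.
    static byte[] tag(byte[] key, byte[] message) throws GeneralSecurityException {
        Mac mac = Mac.getInstance(ALGORITHM);
        mac.init(new SecretKeySpec(key, ALGORITHM));
        return mac.doFinal(message);
    }

    // Receiver side: recompute the tag with the shared key and compare.
    // MessageDigest.isEqual is used instead of Arrays.equals so the comparison
    // does not stop at the first differing byte on current Java/Android releases.
    static boolean verify(byte[] key, byte[] message, byte[] receivedTag)
            throws GeneralSecurityException {
        return MessageDigest.isEqual(tag(key, message), receivedTag);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed sample data: two random 256-bit keys and two messages.
        byte[] key = new byte[32];
        new SecureRandom().nextBytes(key);
        byte[] otherKey = new byte[32];
        new SecureRandom().nextBytes(otherKey);

        byte[] message = "amount=100;to=alice".getBytes(StandardCharsets.UTF_8);
        byte[] altered = "amount=900;to=alice".getBytes(StandardCharsets.UTF_8);
        byte[] sent = tag(key, message);

        System.out.println("tag length in bytes: " + sent.length);
        System.out.println("original message:    " + verify(key, message, sent));
        System.out.println("altered message:     " + verify(key, altered, sent));
        System.out.println("wrong key:           " + verify(otherKey, message, sent));
        System.out.println("truncated tag:       "
                + verify(key, message, Arrays.copyOf(sent, 16)));
    }
}
```

Only the unmodified message checked with the original key and the full tag verifies; the altered message, the wrong key, and the truncated tag are all rejected.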