哈希和MAC（消息验证码）之间的区别是什么？ [英] What is the Difference between a Hash and MAC (Message Authentication code)?

问题描述

Hash和MAC（消息验证码）之间的区别是什么？

根据它们的定义，它们似乎提供相同的功能。

$ b

解决方案

主要区别是概念性的：while hashes 用于保证数据的完整性， MAC 保证完整性和身份验证。

是从消息中盲目生成的，没有任何外部输入：你获得的东西可以用来检查消息在旅行过程中是否有任何改变。

A MAC使用私钥作为生成代码时使用的哈希函数的种子：这应该保证接收者，不仅消息没有被修改，而且发送它的人是我们期待的：否则，攻击者无法知道用于生成代码的私钥。

根据维基百科，你有：

虽然MAC功能类似于加密哈希函数，但它们具有不同的安全要求。为了被认为安全，MAC功能必须抵抗在选择明文攻击下的存在伪造。这意味着即使攻击者可以访问拥有秘密密钥的oracle并为攻击者选择的消息生成MAC，攻击者也不能在没有执行不可行计算量的情况下猜测其他消息的MAC。

$ b $当然，尽管它们的相似之处，但是它们以不同的方式实现：通常MAC生成算法基于具有关心的扩展的哈希码生成算法使用私钥。

What is the Difference between a Hash and MAC (Message Authentication code)?

By their definitions they seem to serve the same function.

Can someone explain what the difference is?

解决方案

The main difference is conceptual: while hashes are used to guarantee the integrity of data, a MAC guarantees integrity AND authentication.

This means that a hashcode is blindly generated from the message without any kind of external input: what you obtain is something that can be used to check if the message got any alteration during its travel.

A MAC instead uses a private key as the seed to the hash function it uses when generating the code: this should assure the receiver that, not only the message hasn't been modified, but also who sent it is what we were expecting: otherwise an attacker couldn't know the private key used to generate the code.

According to wikipedia you have that:

While MAC functions are similar to cryptographic hash functions, they possess different security requirements. To be considered secure, a MAC function must resist existential forgery under chosen-plaintext attacks. This means that even if an attacker has access to an oracle which possesses the secret key and generates MACs for messages of the attacker's choosing, the attacker cannot guess the MAC for other messages without performing infeasible amounts of computation.

Of course, although their similarities, they are implemented in a different way: usually a MAC generation algorithm is based upon a hash code generation algorithm with the extension that cares about using a private key.

这篇关于哈希和MAC（消息验证码）之间的区别是什么？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！