Message Authentication Codes (MAC's) Defined

Best Practices of MAC's
Picture
The MAC is a short piece of information that ensures the integrity of the message; completeness, reliability and authenticity. The message block is sent through the MAC algorithm and the message is concatenated with the MAC before it sent to the receiver. The receiver takes the new message block, the MAC algorithm on the receiver side generates a MAC.  The receiver’s MAC is vetted against the sender’s MAC.  If they are identical, the message is authenticated.
Best practices of the MAC include several recommendations; however, the two most important are the directive to avoid proprietary development and the Horton Principle. It is best to use industry standard algorithms that have been tested. The Horton Principle states: “authenticate what is meant and not what is said” (Ferguson, 2010). Not only should the message be MAC’d but also the underlying data found in the schema; field length, protocol identifiers, protocol version numbers, etc. This becomes important when communicating data to-from trading partners (customers and suppliers) where one trading partner uses a different version of an application or middleware where the database schema’s may have changed.
Jeff Howell  -  San Carlos, CA  -  Privacy Statement - email Jeff