Main Page: Difference between revisions

From formulasearchengine
Jump to navigation Jump to search
No edit summary
No edit summary
 
(478 intermediate revisions by more than 100 users not shown)
Line 1: Line 1:
In [[cryptography]], a '''message authentication code''' (often '''MAC''') is a short piece of information used to [[authenticate]] a [[message]].
This is a preview for the new '''MathML rendering mode''' (with SVG fallback), which is availble in production for registered users.


A MAC [[algorithm]], sometimes called a '''keyed''' ('''cryptographic''') '''hash function''', accepts as input a [[secret key]] and an arbitrary-length message to be authenticated, and outputs a MAC (sometimes known as a ''tag''). The MAC value protects both a message's [[data integrity]] as well as its [[Authentication|authenticity]], by allowing verifiers (who also possess the secret key) to detect any changes to the message content.
If you would like use the '''MathML''' rendering mode, you need a wikipedia user account that can be registered here [[https://en.wikipedia.org/wiki/Special:UserLogin/signup]]
* Only registered users will be able to execute this rendering mode.
* Note: you need not enter a email address (nor any other private information). Please do not use a password that you use elsewhere.


== Security ==
Registered users will be able to choose between the following three rendering modes:


While MAC functions are similar to [[cryptographic hash function]]s, they possess different security requirements. To be considered secure, a MAC function must resist [[existential forgery]] under [[chosen-plaintext attack]]s. This means that even if an attacker has access to an [[oracle machine|oracle]] which possesses the secret key and generates MACs for messages of the attacker's choosing, the attacker cannot guess the MAC for other messages{{clarify|why guess when the oracle will tell the attacker the MAC?  By "other messages", do we mean those with different keys?|date=May 2012}} without performing infeasible amounts of computation.
'''MathML'''
:<math forcemathmode="mathml">E=mc^2</math>


MACs differ from [[digital signature]]s as MAC values are both generated and verified using the same secret key. This implies that the sender and receiver of a message must agree on the same key before initiating communications, as is the case with [[symmetric encryption]]. For the same reason, MACs do not provide the property of [[non-repudiation]] offered by signatures specifically in the case of a network-wide shared secret key: any user who can verify a MAC is also capable of generating MACs for other messages. In contrast, a digital signature is generated using the private key of a key pair, which is [[asymmetric encryption]]. Since this private key is only accessible to its holder, a digital signature proves that a document was signed by none other than that holder. Thus, digital signatures do offer non-repudiation.
<!--'''PNG'''  (currently default in production)
:<math forcemathmode="png">E=mc^2</math>


== Message integrity codes ==
'''source'''
:<math forcemathmode="source">E=mc^2</math> -->


The term ''message integrity code (MIC)'' is frequently substituted for the term MAC, especially in communications,<ref>{{cite paper |publisher=[[IEEE-SA]] |title=IEEE 802.11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications |date=12 June 2007 |doi=10.1109/IEEESTD.2007.373646 |url=http://standards.ieee.org/getieee802/download/802.11-2007.pdf | version=(2007 revision)}}</ref> where the acronym MAC traditionally stands for [[Media Access Control]]. However, some authors<ref>[http://www.cs.cornell.edu/courses/cs513/2005fa/NL20.hashing.html Fred B Schneider, Hashes and Message Digests, Cornell University]</ref> use MIC as a distinctly different term from a MAC; in their usage of the term the MIC operation does not use secret keys. This lack of security means that any MIC intended for use gauging message integrity should be encrypted or otherwise be protected against tampering. MIC algorithms are created such that a given message will always produce the same MIC assuming the same algorithm is used to generate both. Conversely, MAC algorithms are designed to produce matching MACs only if the same message, secret key and [[initialization vector]] are input to the same algorithm.  MICs do not use secret keys and, when taken on their own, are therefore a much less reliable gauge of message integrity than MACs. Because MACs use secret keys, they do not necessarily need to be encrypted to provide the same level of assurance.
<span style="color: red">Follow this [https://en.wikipedia.org/wiki/Special:Preferences#mw-prefsection-rendering link] to change your Math rendering settings.</span> You can also add a [https://en.wikipedia.org/wiki/Special:Preferences#mw-prefsection-rendering-skin Custom CSS] to force the MathML/SVG rendering or select different font families. See [https://www.mediawiki.org/wiki/Extension:Math#CSS_for_the_MathML_with_SVG_fallback_mode these examples].


== Implementation ==
==Demos==


MAC algorithms can be constructed from other cryptographic primitives, such as [[cryptographic hash function]]s (as in the case of [[HMAC]]) or from [[block cipher]] algorithms ([[OMAC (cryptography)|OMAC]], [[CBC-MAC]] and [[PMAC (cryptography)|PMAC]]). However many of the fastest MAC algorithms such as [[UMAC]] and [[VMAC]] are constructed based on [[universal hashing]].<ref>{{cite paper |url=http://www.fastcrypto.org/vmac/draft-krovetz-vmac-01.txt|title=VMAC: Message Authentication Code using Universal Hashing  |accessdate=16 March 2010 |work=CFRG Working Group |publisher=CFRG Working Group}}</ref>
Here are some [https://commons.wikimedia.org/w/index.php?title=Special:ListFiles/Frederic.wang demos]:


== Standards ==
Various standards exist that define MAC algorithms. These include:
* FIPS PUB 113 ''Computer Data Authentication'',<ref>[http://www.itl.nist.gov/fipspubs/fip113.htm FIPS PUB 113 ''Computer Data Authentication'']</ref> withdrawn in 2002,<ref>[http://www.itl.nist.gov/fipspubs/withdraw.htm Federal Information Processing Standards Publications, Withdrawn FIPS Listed by Number]</ref> defines an algorithm based on [[DES]].
* [[ISO/IEC 9797-1]] ''Mechanisms using a block cipher''<ref>[http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=30656 ISO/IEC 9797-1 ''Information technology &mdash; Security techniques &mdash; Message Authentication Codes (MACs) &mdash; Part 1: Mechanisms using a block cipher'']</ref>
* ISO/IEC 9797-2 ''Mechanisms using a dedicated hash-function''<ref>[http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=31136 ISO/IEC 9797-2 ''Information technology &mdash; Security techniques &mdash; Message Authentication Codes (MACs) &mdash; Part 2: Mechanisms using a dedicated hash-function'']</ref>


ISO/IEC 9797-1 and -2 define generic models and algorithms that can be used with any block cipher or hash function, and a variety of different parameters. These models and parameters allow more specific algorithms to be defined by nominating the parameters. For example the FIPS PUB 113 algorithm is functionally equivalent to ISO/IEC 9797-1 MAC algorithm 1 with padding method 1 and a block cipher algorithm of DES.
* accessibility:
** Safari + VoiceOver: [https://commons.wikimedia.org/wiki/File:VoiceOver-Mac-Safari.ogv video only], [[File:Voiceover-mathml-example-1.wav|thumb|Voiceover-mathml-example-1]], [[File:Voiceover-mathml-example-2.wav|thumb|Voiceover-mathml-example-2]], [[File:Voiceover-mathml-example-3.wav|thumb|Voiceover-mathml-example-3]], [[File:Voiceover-mathml-example-4.wav|thumb|Voiceover-mathml-example-4]], [[File:Voiceover-mathml-example-5.wav|thumb|Voiceover-mathml-example-5]], [[File:Voiceover-mathml-example-6.wav|thumb|Voiceover-mathml-example-6]], [[File:Voiceover-mathml-example-7.wav|thumb|Voiceover-mathml-example-7]]
** [https://commons.wikimedia.org/wiki/File:MathPlayer-Audio-Windows7-InternetExplorer.ogg Internet Explorer + MathPlayer (audio)]
** [https://commons.wikimedia.org/wiki/File:MathPlayer-SynchronizedHighlighting-WIndows7-InternetExplorer.png Internet Explorer + MathPlayer (synchronized highlighting)]
** [https://commons.wikimedia.org/wiki/File:MathPlayer-Braille-Windows7-InternetExplorer.png Internet Explorer + MathPlayer (braille)]
** NVDA+MathPlayer: [[File:Nvda-mathml-example-1.wav|thumb|Nvda-mathml-example-1]], [[File:Nvda-mathml-example-2.wav|thumb|Nvda-mathml-example-2]], [[File:Nvda-mathml-example-3.wav|thumb|Nvda-mathml-example-3]], [[File:Nvda-mathml-example-4.wav|thumb|Nvda-mathml-example-4]], [[File:Nvda-mathml-example-5.wav|thumb|Nvda-mathml-example-5]], [[File:Nvda-mathml-example-6.wav|thumb|Nvda-mathml-example-6]], [[File:Nvda-mathml-example-7.wav|thumb|Nvda-mathml-example-7]].
** Orca: There is ongoing work, but no support at all at the moment [[File:Orca-mathml-example-1.wav|thumb|Orca-mathml-example-1]], [[File:Orca-mathml-example-2.wav|thumb|Orca-mathml-example-2]], [[File:Orca-mathml-example-3.wav|thumb|Orca-mathml-example-3]], [[File:Orca-mathml-example-4.wav|thumb|Orca-mathml-example-4]], [[File:Orca-mathml-example-5.wav|thumb|Orca-mathml-example-5]], [[File:Orca-mathml-example-6.wav|thumb|Orca-mathml-example-6]], [[File:Orca-mathml-example-7.wav|thumb|Orca-mathml-example-7]].
** From our testing, ChromeVox and JAWS are not able to read the formulas generated by the MathML mode.


==Example==
==Test pages ==
[[Image:MAC.svg]]


In this example, the sender of a message runs it through a MAC algorithm to produce a MAC data tag. The message and the MAC tag are then sent to the receiver. The receiver in turn runs the message portion of the transmission through the same MAC algorithm using the same key, producing a second MAC data tag. The receiver then compares the first MAC tag received in the transmission to the second generated MAC tag. If they are identical, the receiver can safely assume that the integrity of the message was not compromised, and the message was not altered or tampered with during transmission.
To test the '''MathML''', '''PNG''', and '''source''' rendering modes, please go to one of the following test pages:
*[[Displaystyle]]
*[[MathAxisAlignment]]
*[[Styling]]
*[[Linebreaking]]
*[[Unique Ids]]
*[[Help:Formula]]


===One-time MAC===
*[[Inputtypes|Inputtypes (private Wikis only)]]
 
*[[Url2Image|Url2Image (private Wikis only)]]
[[Universal hashing]] and in particular [[pairwise independent]] hash functions provide a message authentication code as long as the key is used at most once (or less than <math>k</math>-times for <math>k</math>-wise independent hash functions. This can be seen as of the [[one-time pad]] for authentication.
==Bug reporting==
<ref>[[Gustavus Simmons]], Authentication theory/coding theory, Proceedings of CRYPTO 84 on Advances in cryptology, p.411-431, August 1985, Santa Barbara, California, United States.</ref>
If you find any bugs, please report them at [https://bugzilla.wikimedia.org/enter_bug.cgi?product=MediaWiki%20extensions&component=Math&version=master&short_desc=Math-preview%20rendering%20problem Bugzilla], or write an email to math_bugs (at) ckurs (dot) de .
 
The simplest such pairwise independent hash function is defined by the random key <math>key=(a,b)</math> and the mac tag for a message <math>m</math> is computed as <math>tag:=a*m + b\;\mathit{ mod }\;p</math>, where <math>p</math> is a prime.
 
==See also==
* [[Integrity check value]]
* [[UMAC]]
* [[HMAC]]
* [[CMAC]]
* [[VMAC]]
* [[Poly1305-AES]]
* [[MMH-Badger MAC]]
 
==External links==
* [http://www.rsasecurity.com/rsalabs/node.asp?id=2177 RSA Laboratories entry on MACs]
* [http://web.mit.edu/6.857/OldStuff/Fall97/lectures/lecture3.pdf Ron Rivest lecture on MACs]
 
==References==
<references/>
 
{{Cryptography navbox | hash}}
 
[[Category:Message authentication codes]]
 
[[ca:Message authentication code]]
[[cs:MAC funkce]]
[[da:Message authentication code]]
[[de:Message Authentication Code]]
[[es:Message authentication code]]
[[fa:کد اصالت‌سنجی پیام]]
[[fr:Code d'authentification de message]]
[[ko:메시지 인증 코드]]
[[it:Message authentication code]]
[[he:קוד אימות מסרים]]
[[ja:メッセージ認証符号]]
[[pl:Kod uwierzytelniania wiadomości]]
[[pt:Autenticador de mensagem]]
[[ru:Имитовставка]]
[[tr:Mesaj Doğrulama Kodu]]
[[uk:MAC підпис]]

Latest revision as of 22:52, 15 September 2019

This is a preview for the new MathML rendering mode (with SVG fallback), which is availble in production for registered users.

If you would like use the MathML rendering mode, you need a wikipedia user account that can be registered here [[1]]

  • Only registered users will be able to execute this rendering mode.
  • Note: you need not enter a email address (nor any other private information). Please do not use a password that you use elsewhere.

Registered users will be able to choose between the following three rendering modes:

MathML

E=mc2


Follow this link to change your Math rendering settings. You can also add a Custom CSS to force the MathML/SVG rendering or select different font families. See these examples.

Demos

Here are some demos:


Test pages

To test the MathML, PNG, and source rendering modes, please go to one of the following test pages:

Bug reporting

If you find any bugs, please report them at Bugzilla, or write an email to math_bugs (at) ckurs (dot) de .