What is CMAC

MAC (message authentication code)

The MessageAuthenticationCode (MAC) is a data security code. It is applied to keys in order to form a cryptographic checksum for the data integrity and authenticity of messages. Changes to the message are recognized directly, which means that the MAC code is also used for error detection.


The MAC code is a hash function that contains a key with which the hash value can be verified. A checksum is generated via the parameterization of the hash function, which is appended to the encrypted message.

In the case of the MAC calculation, a message authentication code is calculated using a secret key and a cryptographic block algorithm. The first data block is created as the first input block as a block cipher and linked with the second data block in an XOR operation. The result is used as the second input block and in turn linked as a block cipher with the third data block in XOR, etc., until a block cipher is obtained from the result of the last XOR link, from which the MAC value is then calculated.

The MAC code is a symmetrical encryption that is used, among other things, in online banking in the Home Banking Computer Interface (HBCI) and is particularly suitable for chip cards. However, it is less interesting for home banking, as the bank customer would have to have his own card reader.