A Message Authentication Code (MAC) is a short piece of information, or tag, generated by a cryptographic algorithm using a secret key and a message. The recipient, who also possesses the secret key, can recompute the MAC to verify the message's integrity (it hasn't been tampered with) and its authenticity (it came from the expected sender). Unlike a simple hash, a MAC requires the secret key for both generation and verification, making it infeasible for an attacker to forge a valid tag without it. This makes MACs a core component for securing communication channels and data exchanges.
Glossary
Message Authentication Code (MAC)

What is Message Authentication Code (MAC)?
A Message Authentication Code (MAC) is a cryptographic checksum that provides integrity and authenticity assurances for a message, confirming it originated from the stated sender and was not altered in transit.
In the context of Secure Aggregation Protocols for federated learning, MACs are crucial for verifying the authenticity of model updates sent by clients to the aggregation server. They ensure that updates have not been maliciously altered and originate from legitimate, enrolled devices. This protects the aggregation process from data poisoning and Byzantine attacks. Common MAC constructions include HMAC (Hash-based MAC) and CMAC (Cipher-based MAC), which are built from cryptographic hash functions and block ciphers, respectively.
Core Properties of a MAC
A Message Authentication Code (MAC) is a cryptographic primitive that provides data integrity and authenticity assurances. Its core properties define its security guarantees and operational constraints.
Integrity Verification
A MAC provides integrity verification, ensuring a message has not been altered in transit. The MAC algorithm uses a secret key shared between the sender and receiver to generate a short tag from the message. The receiver independently recomputes the tag; any mismatch indicates tampering or corruption.
- Mechanism: The tag is a function of the entire message content. A single-bit change produces a completely different tag with high probability.
- Example: In secure aggregation protocols, a client attaches a MAC to its model update before transmission. The aggregator verifies the MAC to ensure the update was not corrupted by network errors or malicious intermediaries.
Authenticity Assurance
A MAC provides authenticity assurance, confirming the message originated from a party possessing the shared secret key. This prevents impersonation and forgeries by unauthorized entities.
- Key Principle: Only entities with the secret key can generate a valid MAC for a given message. This binds the message to a specific sender (or group of senders).
- Application: In federated learning, the server can authenticate updates from legitimate, enrolled clients, rejecting contributions from unauthorized or spoofed devices.
- Limitation: Authenticity is symmetric; any party that can verify a MAC can also generate one. For non-repudiation, a digital signature is required.
Key-Dependent Computation
The security of a MAC is fundamentally dependent on the secrecy of the symmetric key. The algorithm is public, but the output is unpredictable without the key.
- Design: Common MAC constructions like HMAC (Hash-based MAC) or CMAC (Cipher-based MAC) use cryptographic hash functions or block ciphers in a keyed mode.
- Requirement: The key must be established via a secure key agreement protocol (e.g., using TLS) and stored securely on both client and server.
- Threat Model: If the key is compromised, an adversary can forge valid MACs, breaking both integrity and authenticity guarantees.
Deterministic Output
For a given message and key, a MAC algorithm produces a deterministic, fixed-length output tag. This determinism enables efficient verification.
- Fixed Length: The tag is a short, constant-size string (e.g., 128 or 256 bits), regardless of input message size. This provides bandwidth efficiency.
- Verification Process: The receiver performs the same deterministic computation. No state or nonce is required for basic verification (unlike some authenticated encryption schemes).
- Caution: Determinism can be a weakness in certain contexts, as identical messages produce identical tags, potentially revealing message equality. This is addressed by including a nonce or message number in the MAC computation.
Resistance to Forgery
A secure MAC must be existentially unforgeable under chosen-message attacks (EUF-CMA). This means an adversary who can obtain MACs for arbitrary messages of their choice cannot forge a valid MAC for a new, previously unseen message.
- Security Definition: This is the formal gold standard for MAC security. It models an attacker with an oracle that generates MACs.
- Implication: Even learning MACs for many messages does not help an attacker produce a valid MAC for a different message. The probability of a successful forgery should be negligible.
- Relation to Aggregation: In secure aggregation, this property prevents a malicious client from forging a valid MAC on an aggregated sum they did not legitimately compute.
Non-Repudiation Limitation
A critical limitation of MACs is the lack of non-repudiation. Because the secret key is shared, both the sender and receiver can generate identical MACs. The receiver cannot prove to a third party that a specific sender generated the message, as the receiver could have forged it themselves.
- Contrast with Digital Signatures: Digital signatures use asymmetric key pairs (private/public) to provide non-repudiation. The signer's private key is unique and not shared.
- Use Case Fit: MACs are ideal for point-to-point or closed-group communication where parties have mutual trust and a shared goal (e.g., server and clients in federated learning). They are faster and more efficient than signatures.
- Protocol Design: For audits requiring third-party verification, MACs must be complemented by additional logging or commitment schemes within a trusted execution environment.
How Does a Message Authentication Code Work?
A Message Authentication Code (MAC) is a fundamental cryptographic primitive that verifies both the integrity and authenticity of a digital message.
A Message Authentication Code (MAC) is a short piece of information, or tag, generated by a cryptographic algorithm that takes a secret key and a message as input. The recipient, who also possesses the secret key, can recompute the MAC on the received message and compare it to the attached tag. If they match, it provides cryptographic assurance that the message has not been altered in transit (integrity) and originated from a party with the correct key (authenticity). This prevents tampering and spoofing in communication protocols.
In secure aggregation protocols for federated learning, MACs are critical for verifying that model updates sent by clients are authentic and unmodified before they are aggregated. A common construction is HMAC (Hash-based MAC), which uses a cryptographic hash function like SHA-256 combined with a secret key. The security of a MAC relies on the secrecy of the key; without it, an adversary cannot feasibly forge a valid tag for a new or altered message, even if they have seen many valid message-tag pairs.
MAC vs. Related Cryptographic Primitives
This table compares Message Authentication Codes (MACs) to other fundamental cryptographic primitives used for data integrity, authenticity, and privacy in secure systems like federated learning.
| Feature / Property | Message Authentication Code (MAC) | Digital Signature | Hash Function (Cryptographic) |
|---|---|---|---|
Primary Cryptographic Goal | Integrity & Authenticity (Symmetric) | Integrity, Authenticity & Non-Repudiation (Asymmetric) | Integrity (No Key) |
Cryptographic Basis | Symmetric Key (Secret Key) | Asymmetric Key (Public/Private Key Pair) | No Key (Deterministic Function) |
Verification Party | Any party possessing the shared secret key | Any party possessing the signer's public key | Any party can recompute the hash |
Non-Repudiation | |||
Formal Privacy Guarantee | |||
Typical Use Case in Secure Aggregation | Authenticating client-server messages, verifying update integrity | Server attestation, certificate authority chains | Commitment schemes, Merkle tree construction for data verification |
Resistance to Quantum Attacks (Current Standard) |
Common MAC Algorithms and Use Cases
A Message Authentication Code (MAC) is a cryptographic checksum that verifies both the integrity and authenticity of a message. Different algorithms offer trade-offs between speed, security, and key management.
Use Case: Secure Aggregation in Federated Learning
In Federated Learning, MACs are critical for ensuring the integrity of model updates exchanged between clients and the aggregator.
- Integrity Assurance: Clients attach a MAC to their encrypted model update using a key shared with the server. This proves the update was not tampered with in transit.
- Preventing Poisoning: While MACs don't prevent malicious updates, they ensure the update received is exactly what the (potentially malicious) client sent, which is essential for audit trails and Byzantine detection.
- Protocol Integration: Used alongside Secure Aggregation and Homomorphic Encryption to provide a full confidentiality, integrity, and authenticity guarantee for the federated learning pipeline.
Frequently Asked Questions
A Message Authentication Code (MAC) is a cryptographic primitive essential for verifying data integrity and authenticity. In secure aggregation protocols for federated edge learning, MACs ensure that model updates originate from legitimate clients and have not been tampered with during transmission.
A Message Authentication Code (MAC) is a short, fixed-size cryptographic tag generated from a message and a secret key, used to verify both the data integrity and authenticity of the message. It works by applying a MAC algorithm (like HMAC or CMAC) that takes the message and a shared secret key as inputs to produce the tag. The sender transmits both the message and the MAC tag. The recipient, who also possesses the secret key, independently recomputes the MAC tag from the received message. If the computed tag matches the received tag, it confirms the message was not altered (integrity) and originated from a party with the correct key (authenticity). This process prevents tampering and spoofing in communication channels.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
A Message Authentication Code (MAC) is a foundational cryptographic primitive. These related concepts are essential for understanding its role in secure, privacy-preserving machine learning systems.
Secure Aggregation
A cryptographic protocol in federated learning that allows a central server to compute the sum of client model updates without learning any individual client's contribution. It is the primary application context for MACs in federated edge learning.
- Purpose: Ensures the server only sees the aggregated result, not individual gradients or weights.
- Mechanism: Often uses cryptographic techniques like pairwise masking where clients add and subtract shared secrets that cancel out upon summation.
- Role of MACs: Used to authenticate each client's masked update, preventing malicious clients from corrupting the aggregation with invalid data.
Symmetric Encryption
A cryptographic system where the same secret key is used for both encryption and decryption. MACs are intrinsically linked to symmetric cryptography.
- Relationship to MACs: Most MAC algorithms (e.g., HMAC, CMAC) are built using symmetric cryptographic primitives like block ciphers (AES) or hash functions (SHA-256).
- Key Management: Both systems require secure, pre-shared key distribution between communicating parties.
- Contrast with Asymmetric: Faster and more efficient than public-key (asymmetric) encryption, making it suitable for authenticating high-volume data streams in distributed systems.
Hash-Based Message Authentication Code (HMAC)
A specific, widely-used type of MAC calculated using a cryptographic hash function (like SHA-256) in combination with a secret key. It is a standard for data integrity and authenticity.
- Construction:
HMAC(K, m) = H((K ⊕ opad) || H((K ⊕ ipad) || m)), whereHis a hash function,Kis the key, andmis the message. - Security: Proven secure if the underlying hash function is collision-resistant.
- Usage: The default choice in many network security protocols (TLS, IPSec) and APIs for verifying message authenticity.
Digital Signature
A cryptographic scheme that provides authentication, integrity, and non-repudiation using asymmetric (public-key) cryptography. It is a more powerful but computationally heavier alternative to a MAC.
- Key Difference: Uses a public/private key pair. The private key signs, the public key verifies. This provides non-repudiation—the signer cannot later deny signing.
- MAC vs. Signature: A MAC requires a shared secret and provides only authentication/integrity between parties who know the key. A signature provides publicly verifiable proof of origin.
- Application: Used in federated learning for authenticating server-to-client communications (e.g., model broadcasts) where the server's identity must be publicly verifiable by all clients.
Authenticated Encryption (AE)
An encryption mode that simultaneously provides confidentiality, integrity, and authenticity of the encrypted data. It often combines a symmetric cipher with a MAC.
- Schemes: Modern standards like AES-GCM (Galois/Counter Mode) perform encryption and authentication in a single, efficient operation.
- Composition: Can be built as Encrypt-then-MAC (encrypt plaintext, then MAC the ciphertext), which is generally the most secure method.
- Role in Secure Channels: Forms the basis for Transport Layer Security (TLS), securing all communication between federated learning clients and the central aggregator.
Honest-but-Curious Adversary
A standard security model (also called semi-honest) where participants follow the protocol correctly but may attempt to learn extra information from the messages they observe. MACs help enforce this model.
- Model Assumption: The server and clients execute the federated learning steps faithfully but are curious about individual data.
- MAC's Role: Prevents a curious server from accepting a forged update from a malicious client, which could bias the model or leak information about other clients' updates.
- Limitation: MACs do not protect against fully malicious adversaries who arbitrarily deviate from the protocol; stronger primitives like zero-knowledge proofs may be required.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us