9

I know the definitions of both but can't specifically tell how they are different and if one is better than the other. Please help.

mikeazo
Shaily

3 Answers

7

The main functional difference is that anyone able to verify a Message Authentication Code is also able to forge one, because the same key is used for both tasks; whereas someone with the public key can verify a digital signature, but can't forge one.

Contrary to a MAC, a digital signature is thus usable in contexts where the verifier is not trusted, which is of tremendous practical value. There's a price to pay for that: a digital signature is significantly larger, and slower to generate and/or verify, than a MAC is.

fgrieu
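The difference described in the answer above, as an added example that is not part of the original answer: whoever holds the MAC key to verify can also produce a valid tag for a different message, while a party holding only a signature public key can verify but cannot make an existing signature fit another message. It assumes HMAC-SHA256 for the MAC and, so that it runs on the Python standard library alone, a Lamport one-time signature as the stand-in signature scheme (deployed systems typically use Ed25519 or ECDSA, whose signatures are far smaller); the messages and keys are constructed.

```python
import hashlib, hmac, secrets

def H(b):
    return hashlib.sha256(b).digest()

def msg_bits(msg):
    # 256 bits of SHA-256(msg), most significant bit first
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# MAC: the same shared key creates and checks the tag.
def mac_tag(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def mac_verify(key, msg, tag):
    return hmac.compare_digest(mac_tag(key, msg), tag)

# Lamport one-time signature: sk is 256 pairs of secrets, pk their hashes.
# A key pair must sign one message only.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def lamport_sign(sk, msg):
    return [sk[i][bit] for i, bit in enumerate(msg_bits(msg))]

def lamport_verify(pk, msg, sig):
    bits = msg_bits(msg)
    return len(sig) == 256 and all(H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits)))

def demo():
    msg, other = b"pay Bob 10", b"pay Eve 9999"   # constructed messages
    key = secrets.token_bytes(32)                  # shared by sender AND verifier
    tag = mac_tag(key, msg)
    # The verifier needs `key` to check `tag`, so it can tag `other` itself.
    verifier_tag = mac_tag(key, other)
    sk, pk = lamport_keygen()                      # verifier receives pk only
    sig = lamport_sign(sk, msg)
    return {
        "mac_valid": mac_verify(key, msg, tag),
        "mac_verifier_can_forge": mac_verify(key, other, verifier_tag),
        "sig_valid": lamport_verify(pk, msg, sig),
        "sig_reused_on_other_msg": lamport_verify(pk, other, sig),
        "tag_bytes": len(tag),
        "sig_bytes": sum(len(s) for s in sig),
    }

if __name__ == "__main__":
    print(demo())
```

The byte counts it returns also show the size cost the answer mentions, although Lamport signatures are at the large end of what signature schemes produce.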
1

They are used in completely different contexts. In public key encryption, there is the notion of a signature that protects sender authenticity. The secret key is used as the signing key and everybody can verify its correctness. On the other hand, in symmetric encryption, there is the notion of a MAC that protects the integrity of the message with an agreed MAC key between the sender and the receiver.

curious
0

A message authentication code (MAC) and a digital signature are both used to check the authenticity of the message, but the workings of a MAC and a digital signature are totally different. Authenticity refers to confirming that the message or system is from the authorised source. It covers the integrity property of system security.

Then what's the difference between them? A MAC shares a common secret key between the sender and receiver. The sender appends the authentication tag generated using the shared secret key, and at the receiver side, the same common secret key is used to check the authenticity of the message. It is relatively faster than the digital signature approach.

And on the side of the digital signature: a digital signature is an asymmetric key algorithm, that is, the sender uses its private key to sign the message and sends it to the receiver. The receiver side is unaware of the private key; it has the sender's public key and utilises it to check the authenticity of the message sent. It uses a more complex algorithm than a MAC, so it is slower in processing, but provides more security because of its asymmetric nature.