In Chapter 5, we discussed primitives for symmetric
encryption. Some of those primitives were capable of providing two of
the most important security goals: secrecy and message integrity.
There are occasions where secrecy may not be important in the
slightest, but you'd still like to ensure that
messages are not modified as they go over the Internet. In such
cases, you can use a symmetric primitive such as CWC mode, which
allows you to authenticate data without encrypting any of it.
Alternatively, you can consider using a standalone message
authentication code (MAC).
This chapter focuses on MACs, and it also covers two types of one-way
hash functions: cryptographic hash functions and
"universal" hash functions.
Cryptographic hash functions are used in public key cryptography and
are a popular component to use in a MAC (you can also use block
ciphers), but universal hash functions turn out to be a much better
foundation for a secure MAC.
Many of the recipes in this chapter are too low-level for
general-purpose use. We recommend that you first try to find what you
need in Chapter 9; the recipes there are more
generally applicable. If you do use these recipes, please be careful,
read all our warnings, and consider using the higher-level constructs