The One-Way Hash
A one-way hash is a function that takes a variable-length string (a message) and produces a fixed-length value called a hash value.
A message authentication code (MAC) function is an authentication scheme derived by applying a secret key to a message in some form. three basic types of MAC functions: a hash MAC (HMAC), CBC-MAC, and CMAC.
HMAC
CBC-MAC
If a Cipher Block Chaining Message Authentication Code (CBC-MAC) is being used, the message is encrypted with a symmetric block cipher in CBC mode, and the output of the final block of ciphertext is used as the MAC. The sender does not send the encrypted version of the message, but instead sends the plaintext version and the MAC attached to the message. The receiver receives the plaintext message and encrypts it with the same symmetric block cipher in CBC mode and calculates an independent MAC value. The receiver compares the new MAC value with the MAC value sent with the message.
The receiver knows that the message came from the system that has the other copy of the same symmetric key, so MAC provides a form of authentication. It provides data origin authentication, sometimes referred to as system authentication.
Cipher-Based Message Authentication Code (CMAC)
The symmetric algorithm (AES or 3DES) creates the symmetric key. This key is used to create subkeys. The subkeys are used individually to encrypt the individual blocks of a message
