Glossary · Security Controls

Message Authentication Code (MAC)

Also known as: Message Authentication Code

Short cryptographic tag that proves a message's origin and integrity to a receiver sharing a key.

A MAC is computed over a message and a secret key (e.g. AES-CMAC, HMAC). A receiver with the same key can verify both that the message was produced by an authorised sender and that it has not been altered in transit. It underpins SecOC and most automotive secure-communication primitives.

Why it matters

The MAC is the cryptographic primitive that makes message authentication — and therefore SecOC — possible. Getting the algorithm, key length, and freshness handling right is a recurring TARA decision, because weak or missing message authentication is one of the most common findings in automotive threat analysis.

Related terms

SecOC
AUTOSAR Secure Onboard Communication — message authentication for in-vehicle communication.
CSM (Crypto Service Manager)
AUTOSAR module that exposes cryptographic services to upper layers.
Key Management
Lifecycle of cryptographic keys from generation through deployment, rotation, and revocation.

Need help applying Message Authentication Code (MAC) on a programme? Use the contact form or request a KAVACH demo.

Message Authentication Code (MAC)

SecOC

CSM (Crypto Service Manager)

Key Management