Reputation: 1078
Java - Difference between javax.crypto.Mac and javax.crypto.Cipher?
I would like to understand the difference between javax.crypto.Mac and javax.crypto.Cipher. Those two classes looks very similar (they have similar methods but those two classes do not inherits from each another).
- What's the fundamental difference between those two classes ?
- When should I use (or not use) Mac ?
- When should I use (or not use) Cipher ?
Upvotes: 0
Views: 973
Answers (1)
Reputation: 856
A Message Authentication Code is for integrity. It computes, on some input message, a kind of "keyed checksum" that depends on the message and on the key. With knowledge of the key, the MAC can be verified to match a given message. Alterations are thus reliably detected.
A Symmetric encryption algorithm is for confidentiality. It transforms a message into an unreadable sequence of bits; the encryption is reversible provided that the decryption key is known.
MAC do not ensure confidentiality; the message is kept as is, plainly readable. Encryption does not ensure integrity; alterations may go undetected. In properly applied cryptography, you need both. (But mind that this "properly" term is big.)
Upvotes: 4
Related Questions
- Difference between StringBuilder and StringBuffer
- How do I avoid checking for nulls in Java?
- How do I read / convert an InputStream into a String in Java?
- Is Java "pass-by-reference" or "pass-by-value"?
- What's the difference between @Component, @Repository & @Service annotations in Spring?
- How can I create a memory leak in Java?
- How do I generate random integers within a specific range in Java?
- What are the differences between a HashMap and a Hashtable in Java?
- How to round a number to n decimal places in Java
- What is the difference between public, protected, package-private and private in Java?