Verifying Data Integrity and Authenticating Messages

ICSF provides several methods to verify the integrity of transmitted messages and stored data:

Message authentication code (MAC)
Hash functions, including modification detection code (MDC) processing and one-way hash generation

Note: You can also use digital signatures (see Using Digital Signatures) to authenticate messages.

The choice of callable service depends on the security requirements of the environment in which you are operating. If you need to ensure the authenticity of the sender as well as the integrity of the data, and both the sender and receiver can share a secret key, consider message authentication code processing. If you need to ensure the integrity of transmitted data in an environment where it is not possible for the sender and the receiver to share a secret cryptographic key, consider hashing functions, such as the modification detection code process.

The callable services are described in the following topics:

HMAC Generate (CSNBHMG or CSNBHMG1 and CSNEHMG or CSNEHMG1)
HMAC Verify (CSNBHMV or CSNBHMV1 and CSNEHMV or CSNEHMV1)
MAC Generate (CSNBMGN or CSNBMGN1 and CSNEMGN or CSNEMGN1)
MAC Generate2 (CSNBMGN2, CSNBMGN3, CSNEMGN2, and CSNEMGN3)
MAC Verify (CSNBMVR or CSNBMVR1 and CSNEMVR or CSNEMVR1)
MAC Verify2 (CSNBMVR2, CSNBMVR3, CSNEMVR2, and CSNEMVR3)
MDC Generate (CSNBMDG or CSNBMDG1 and CSNEMDG or CSNEMDG1)
One-Way Hash Generate (CSNBOWH or CSNBOWH1 and CSNEOWH or CSNEOWH1)
Symmetric MAC Generate (CSNBSMG or CSNBSMG1 and CSNESMG or CSNESMG1)
Symmetric MAC Verify (CSNBSMV or CSNBSMV1 and CSNESMV or CSNESMV1)