concept

Encrypt-then-MAC

Encrypt-then-MAC is a cryptographic security pattern that ensures both confidentiality and integrity of data by first encrypting the plaintext and then applying a Message Authentication Code (MAC) to the ciphertext. This approach prevents attacks like padding oracle vulnerabilities by verifying the MAC before decryption, making it a recommended best practice in secure communication protocols. It is widely used in standards such as TLS and SSH to protect data in transit.

Also known as: Encrypt and MAC, Encrypt-then-MAC, ETM, Encrypt-and-MAC, Encrypt then MAC
🧊Why learn Encrypt-then-MAC?

Developers should use Encrypt-then-MAC when building systems that require secure data transmission or storage, such as in web APIs, messaging apps, or file encryption tools, to defend against tampering and eavesdropping. It is particularly crucial in scenarios where data integrity is as important as confidentiality, like in financial transactions or sensitive communications, as it ensures that any modification of encrypted data is detected before processing.

Compare Encrypt-then-MAC

Encrypt-then-MAC vs Mac Then Encrypt→Encrypt-then-MAC vs Encrypt And Mac→Encrypt-then-MAC vs Authenticated Encryption→

Learning Resources

📄
OWASP Cryptographic Storage Cheat Sheet
docs
→
🎓
Cryptography I - Coursera
course
→
🎬
Encrypt-then-MAC Explained - YouTube
video
→
📚
Serious Cryptography - Book by Jean-Philippe Aumasson
book
→

Related Tools

CryptographyMessage Authentication CodeTlsSymmetric EncryptionData Integrity

Alternatives to Encrypt-then-MAC

Mac Then EncryptEncrypt And MacAuthenticated Encryption