A digest can be used to check the integrity of a message: that the message has not been
changed. To ensure the integrity of the message and the data origin authentication—
that Alice is the originator of the message, not somebody else—we need to include a
secret held by Alice (that Eve does not possess) in the process; we need to create a message
authentication code (MAC). Figure 29.17 shows the idea.
Alice uses a hash function to create a MAC from the concatenation of the key and
the message, h(K + M). She sends the message and the MAC to Bob over the insecure
channel. Bob separates the message from the MAC. He then makes a new MAC from
the concatenation of the message and the secret key. Bob then compares the newly created
MAC with the one received. If the two MACs match, the message is authentic and
has not been modified by an adversary.
Note that there is no need to use two channels in this case. Both message and the
MAC can be sent on the same insecure channel. Eve can see the message, but she cannot
forge a new message to replace it because Eve does not possess the secret key
between Alice and Bob. She is unable to create the same MAC as Alice did.