
A firewall is an integrated collection of security measures designed to prevent unauthorized
electronic access to a networked computer system. It is also a device or set of devices configured
to permit, deny, encrypt, decrypt, or proxy all computer traffic between different security
domains based upon a set of rules and other criteria.
A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls can be
implemented in both hardware and software, or a combination of both. Firewalls are frequently
used to prevent unauthorized Internet users from accessing private networks connected to the
Internet, especially intranets. All messages entering or leaving the intranet pass through the
firewall, which examines each message and blocks those that do not meet the specified security
criteria.
There are several types of firewall techniques:
1. Packet filter: Looks at each packet entering or leaving the network and accepts or rejects
it based on user-defined rules. Packet filtering is fairly effective and transparent to users,
but it is difficult to configure. In addition, it is susceptible to IP spoofing.
2. Application gateway: Applies security mechanisms to specific applications, such as FTP
and Telnet servers. This is very effective, but can impose a performance degradation.
3. Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is
established. Once the connection has been made, packets can flow between the hosts
without further checking.
4. Proxy server: Intercepts all messages entering and leaving the network. The proxy server
effectively hides the true network addresses.

Function
A firewall is a dedicated appliance, or software running on another computer, which inspects
network traffic passing through it, and denies or permits passage based on a set of rules.
A firewall's basic task is to regulate some of the flow of traffic between computer networks of
different trust levels. Typical examples are the Internet, which is a zone with no trust, and an
internal network, which is a zone of higher trust. A zone with an intermediate trust level, situated
between the Internet and a trusted internal network, is often referred to as a "perimeter network"
or demilitarized zone (DMZ).
A firewall's function within a network is similar to physical firewalls with fire doors in building
construction. In the former case, it is used to prevent network intrusion to the private network. In
the latter case, it is intended to contain and delay structural fire from spreading to adjacent
structures.
Without proper configuration, a firewall can often become worthless. Standard security practices
dictate a "default-deny" firewall ruleset, in which the only network connections which are
allowed are the ones that have been explicitly allowed. Unfortunately, such a configuration
requires detailed understanding of the network applications and endpoints required for the
organization's day-to-day operation. Many businesses lack such understanding, and therefore
implement a "default-allow" ruleset, in which all traffic is allowed unless it has been specifically
blocked. This configuration makes inadvertent network connections and system compromise
much more likely.
Types
There are several classifications of firewalls depending on where the communication is taking
place, where the communication is intercepted and the state that is being traced.
Network layer and packet filters
Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP
protocol stack, not allowing packets to pass through the firewall unless they match the
established rule set. The firewall administrator may define the rules; or default rules may apply.
The term "packet filter" originated in the context of BSD operating systems.
Network layer firewalls generally fall into two sub-categories, stateful and stateless. Stateful
firewalls maintain context about active sessions, and use that "state information" to speed packet
processing. Any existing network connection can be described by several properties, including
source and destination IP address, UDP or TCP ports, and the current stage of the connection's
lifetime (including session initiation, handshaking, data transfer, or connection completion). If a
packet does not match an existing connection, it will be evaluated according to the ruleset for
new connections. If a packet matches an existing connection based on comparison with the
firewall's state table, it will be allowed to pass without further processing.
Stateless firewalls require less memory, and can be faster for simple filters that require less time
to filter than to look up a session. They may also be necessary for filtering stateless network
protocols that have no concept of a session. However, they cannot make more complex decisions
based on what stage communications between hosts have reached.
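The difference between the two sub-categories can be shown on a short packet trace. The following is an added example, not part of the original page: it compares a stateless "allow inbound to ports above 1023" rule (the reply rule from the page's rule examples further down) with a state table keyed on the connection's addresses and ports. The LAN 10.10.10.0/24 comes from the page; the class names, the trace and the documentation addresses 203.0.113.5 and 198.51.100.7 are constructed, and closing state only on RST is a simplification (real implementations also track FIN exchanges and timeouts).

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple

LAN = ip_network("10.10.10.0/24")   # the page's example LAN


class Packet(NamedTuple):
    direction: str               # "in" or "out", relative to the LAN
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset = frozenset()   # TCP flags, e.g. {"SYN"} or {"RST"}


def internal(addr: str) -> bool:
    return ip_address(addr) in LAN


def stateless_allow(p: Packet) -> bool:
    """Per-packet decision only: all traffic out, inbound to LAN ports > 1023."""
    if p.direction == "out":
        return internal(p.src)
    return internal(p.dst) and p.dport > 1023


class StatefulFilter:
    """Allows inbound packets only when they match a connection opened from inside."""

    def __init__(self):
        # (proto, lan_ip, lan_port, remote_ip, remote_port) -> stage
        self.table = {}

    def allow(self, p: Packet) -> bool:
        if p.direction == "out":
            if not internal(p.src):
                return False
            key = (p.proto, p.src, p.sport, p.dst, p.dport)
            # No existing entry: evaluated as a new connection (all outbound allowed).
            self.table.setdefault(key, "initiated")
            if "RST" in p.flags:
                self.table.pop(key, None)       # connection is over
            return True
        key = (p.proto, p.dst, p.dport, p.src, p.sport)
        if key not in self.table:
            return False    # inbound packet that belongs to no known connection
        self.table[key] = "established"
        if "RST" in p.flags:
            del self.table[key]
        return True


# Constructed trace: one outbound web connection plus two stray inbound packets.
TRACE = [
    Packet("out", "tcp", "10.10.10.20", 40000, "203.0.113.5", 80, frozenset({"SYN"})),
    Packet("in", "tcp", "203.0.113.5", 80, "10.10.10.20", 40000, frozenset({"SYN", "ACK"})),
    Packet("in", "tcp", "198.51.100.7", 50000, "10.10.10.20", 8080, frozenset({"SYN"})),
    Packet("out", "tcp", "10.10.10.20", 40000, "203.0.113.5", 80, frozenset({"RST"})),
    Packet("in", "tcp", "203.0.113.5", 80, "10.10.10.20", 40000, frozenset({"ACK"})),
]


def run_trace(trace):
    """Return a (stateless, stateful) decision pair for every packet in order."""
    stateful = StatefulFilter()
    return [(stateless_allow(p), stateful.allow(p)) for p in trace]


if __name__ == "__main__":
    for pkt, (sl, sf) in zip(TRACE, run_trace(TRACE)):
        print(f"{pkt.direction:3} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} "
              f"stateless={'allow' if sl else 'drop'} stateful={'allow' if sf else 'drop'}")
```

The third and fifth packets are where the two filters disagree: the stateless rule admits anything aimed at a high port, while the state table drops packets that belong to no open connection.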
Modern firewalls can filter traffic based on many packet attributes like source IP address, source
port, destination IP address or port, destination service like WWW or FTP. They can filter based
on protocols, TTL values, netblock of originator, domain name of the source, and many other
attributes.
Commonly used packet filters on various versions of Unix are ipf (various), ipfw (FreeBSD/Mac
OS X), pf (OpenBSD, and all other BSDs), iptables/ipchains (Linux).

Example of some basic firewall rules


Examples using a subnet address of 10.10.10.x and 255.255.255.0 as the subnet mask for the
local area network (LAN).
It is common to allow a response to a request for information coming from a computer inside the
local network, like NetBIOS.
| Direction | Protocol | Source Address | Source Port | Destination Address | Destination Port | Action |
|---|---|---|---|---|---|---|
| In/Out | Tcp/Udp | Any | Any | 10.10.10.0 | >1023 | Allow |
Firewall rule that allows all traffic out.
| Direction | Protocol | Source Address | Source Port | Destination Address | Destination Port | Action |
|---|---|---|---|---|---|---|
| Out | Tcp/Udp | 10.10.10.0 | Any | Any | Any | Allow |
Firewall rule for SMTP (default port 25), which allows packets governed by this protocol to access the
local SMTP gateway (which in this example has the IP 10.10.10.6). (It is far more common not to
specify the Destination Address or, if desired, to use the ISP SMTP service address.)
| Direction | Protocol | Source Address | Source Port | Destination Address | Destination Port | Action |
|---|---|---|---|---|---|---|
| Out | Tcp | Any | Any | 10.10.10.6 | 25 | Allow |
General Rule for the final firewall entry. If a policy does not explicitly allow a request for
service, that service should be denied by this catch-all rule which should be the last in the list of
rules.
| Direction | Protocol | Source Address | Source Port | Destination Address | Destination Port | Action |
|---|---|---|---|---|---|---|
| In/Out | Tcp/Udp | Any | Any | Any | Any | Deny |
Other useful rules would be allowing ICMP error messages, restricting all destination ports
except port 80 in order to allow only web browsing, etc.
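As an added illustration (not part of the original page), the four example rules above can be written as an ordered list and evaluated first-match-wins, which also shows what changes when the final catch-all deny is dropped in favour of a default-allow policy. The class and function names and the sample packets (documentation addresses 203.0.113.5 and 198.51.100.7) are assumptions made for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY_NET = ip_network("0.0.0.0/0")
LAN = ip_network("10.10.10.0/24")        # 10.10.10.x with mask 255.255.255.0
SMTP_GW = ip_network("10.10.10.6/32")    # the page's SMTP gateway
ANY_PORT = range(0, 65536)
BOTH = ("in", "out")
TCP_UDP = ("tcp", "udp")


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" or "out"
    proto: str       # "tcp" or "udp"
    src: str
    sport: int       # carried for completeness; every rule on the page says "Any"
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    name: str
    directions: tuple
    protos: tuple
    src: object      # ipaddress network
    dst: object      # ipaddress network
    dports: range
    action: str      # "allow" or "deny"

    def matches(self, p: Packet) -> bool:
        return (p.direction in self.directions
                and p.proto in self.protos
                and ip_address(p.src) in self.src
                and ip_address(p.dst) in self.dst
                and p.dport in self.dports)


# The four rule tables from the page, in the order the page lists them.
PAGE_RULES = [
    Rule("replies-to-high-ports", BOTH, TCP_UDP, ANY_NET, LAN, range(1024, 65536), "allow"),
    Rule("all-traffic-out", ("out",), TCP_UDP, LAN, ANY_NET, ANY_PORT, "allow"),
    Rule("smtp-to-gateway", ("out",), ("tcp",), ANY_NET, SMTP_GW, range(25, 26), "allow"),
    Rule("catch-all", BOTH, TCP_UDP, ANY_NET, ANY_NET, ANY_PORT, "deny"),
]


def evaluate(rules, packet, default):
    """Return (action, rule name); the first matching rule decides."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action, rule.name
    return default, "<default policy>"


def fails_closed(rules, default) -> bool:
    """True if traffic that no specific rule anticipated ends up denied."""
    if default == "deny":
        return True
    last = rules[-1] if rules else None
    return (last is not None and last.action == "deny"
            and last.directions == BOTH and last.protos == TCP_UDP
            and last.src == ANY_NET and last.dst == ANY_NET
            and last.dports == ANY_PORT)


# Constructed sample packets.
WEB_OUT = Packet("out", "tcp", "10.10.10.20", 40000, "203.0.113.5", 80)
WEB_REPLY = Packet("in", "tcp", "203.0.113.5", 80, "10.10.10.20", 40000)
TELNET_IN = Packet("in", "tcp", "198.51.100.7", 50000, "10.10.10.6", 23)

if __name__ == "__main__":
    for label, rules, default in (("default-deny", PAGE_RULES, "deny"),
                                  ("default-allow", PAGE_RULES[:-1], "allow")):
        print(label, "fails closed:", fails_closed(rules, default))
        for pkt in (WEB_OUT, WEB_REPLY, TELNET_IN):
            print("  ", pkt.direction, pkt.dst, pkt.dport, evaluate(rules, pkt, default))
```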
Application-layer

Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser
traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an
application. They block other packets (usually dropping them without acknowledgment to the
sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching
protected machines.
On inspecting all packets for improper content, firewalls can restrict or prevent outright the
spread of networked computer worms and trojans. In practice, however, this becomes so
complex and so difficult to attempt (given the variety of applications and the diversity of content
each may allow in its packet traffic) that comprehensive firewall design does not generally
attempt this approach.
The XML firewall exemplifies a more recent kind of application-layer firewall.
Proxies

A proxy device (running either on dedicated hardware or as software on a general-purpose
machine) may act as a firewall by responding to input packets (connection requests, for example)
in the manner of an application, whilst blocking other packets.
Proxies make tampering with an internal system from the external network more difficult and
misuse of one internal system would not necessarily cause a security breach exploitable from
outside the firewall (as long as the application proxy remains intact and properly configured).
Conversely, intruders may hijack a publicly-reachable system and use it as a proxy for their own
purposes; the proxy then masquerades as that system to other internal machines. While use of
internal address spaces enhances security, crackers may still employ methods such as IP spoofing
to attempt to pass packets to a target network.
Network address translation
Firewalls often have network address translation (NAT) functionality, and the hosts protected
behind a firewall commonly have addresses in the "private address range", as defined in RFC
1918. Firewalls often have such functionality to hide the true address of protected hosts.
Originally, the NAT function was developed to address the limited number of IPv4 routable
addresses that could be used or assigned to companies or individuals as well as reduce both the
amount and therefore cost of obtaining enough public addresses for every computer in an
organization. Hiding the addresses of protected devices has become an increasingly important
defense against network reconnaissance.

In practice, many firewalls use two or more of these techniques (packet filtering, application gateways, circuit-level gateways, proxy servers) in concert.

A firewall is considered a first line of defense in protecting private information.


For greater security, data can be encrypted.

Why You Need a Firewall

Introduction
With the rapid growth of interest in the Internet and the Windows NT operating system, network
security has become a major concern to companies throughout the world. The fact that the
information and tools needed to penetrate the security of corporate networks are widely available
has only increased that concern.
Because of this increased focus on network security, network administrators often spend more
effort protecting their networks than on actual network setup and administration. New tools that
probe for system vulnerabilities, such as the Security Administrator Tool for Analyzing
Networks (SATAN), assist in these efforts, but these tools only point out areas of weakness
instead of providing a means to protect networks. Thus, as a network administrator, you are
constantly trying to keep abreast of the wide number of security issues confronting you in today's
world. The next section describes many of the security issues that arise when connecting a
private network to the Internet.

Security Issues When Connecting to the Internet


When you connect your private network to the Internet, you are physically connecting your
network to well over 50,000 unknown networks and all of their users. While such connections
open the door to many useful applications and provide great opportunities for information
sharing, most private networks contain some information that should not be shared with outside
users on the Internet. In addition, not all Internet users are involved in lawful activities. These
two statements foreshadow the key questions behind most security issues on the Internet:
• How do you protect confidential information from those who do not explicitly
need to access it?

• How do you protect your network and its resources from malicious users and
accidents that originate outside of your network?

The following sections describe the security issues and types of attacks focused around these two
questions.

Note: When people access information that they should not be accessing, or when
they attempt to do something undesirable to a network or its resources, we refer to
such attempts as attacks. An attack is some action, or attempted action, that you
do not want to happen on your network. The person who performs such an action is
called an attacker.

Protecting Confidential Information


Confidential information can reside in two states on a network. It can reside on physical storage
media, such as a hard drive or memory, or it can reside in transit across the physical network
wire in the form of packets. These two information states present multiple opportunities for
attacks from users on your internal network, as well as those users on the Internet. We are
primarily concerned with the second state, which involves network security issues. The
following list introduces five common methods of attack that present opportunities to
compromise the information on your network:
• network packet sniffers

• IP spoofing

• password attacks

• distribution of sensitive internal information to external sources


• man-in-the-middle attacks

When protecting your information from these attacks, your concern is preventing the theft,
destruction, corruption, and introduction of information. These results can cause irreparable
damage to sensitive and confidential information. Below, we describe these common methods of
attack and provide examples of how your information can be compromised.
Network Packet Sniffers
Because networked computers communicate serially (one information piece is sent after
another), large information pieces are broken into smaller pieces. (The information stream would
be broken into smaller pieces even if networks communicated in parallel. The overriding reason
for breaking streams into network packets is that computers have limited intermediate buffers.)
These smaller pieces are called network packets. Currently, Windows NT distributes network
packets in "clear text;" the information sent across the network is not encrypted. (Encryption is
the transformation, or "scrambling," of a message into an unreadable format using a
mathematical algorithm.) Because the network packets are not encrypted, they can be processed
and understood by any application that can pick them up off of the network and process them.

Note: The Windows NT Remote Access Service (RAS) does provide encryption
methods for protecting the packets that are sent across modem connections. The
Point-to-Point Tunneling Protocol (PPTP) provides encryption between Windows NT
clients and Windows NT servers over RAS, but this solution is limited. It does not
include client-to-client encryption or support for non-Windows NT-based computers.
Neither of these encryption techniques is standard for all TCP/IP-based
communications. Third-party products are available that provide encryption for all
TCP/IP-based communications.

A network protocol specifies how packets are identified and labeled, which enables a computer
to determine whether a packet is intended for it. Because the specifications for network
protocols, such as TCP/IP, are widely published, a third party can easily interpret the network
packets and develop a packet sniffer. (The real threat today results from the numerous freeware
and shareware packet sniffers that are available, which do not require the user to understand
anything about the underlying protocols.) A packet sniffer is a software application that uses a
network adapter card in promiscuous mode (a mode in which the network adapter card sends all
packets received on the physical network wire to an application for processing) to capture all
network packets that are sent across a local area network.
Because Windows NT distributes network packets in clear text, a packet sniffer can provide its
user with meaningful and often sensitive information, such as user account names and
passwords. If you use networked databases, a packet sniffer can provide an attacker with
information that is queried from the database, as well as the user account names and passwords
used to access the database. The more serious problem with acquiring user account names and
passwords is that users often reuse their login names and passwords across multiple applications.
In addition, many network administrators use packet sniffers to diagnose and fix network-related
problems. Because in the course of their usual and necessary duties these network administrators
work during regular employee hours (such as those in the Payroll Department), they can
potentially examine sensitive information distributed across the network.
Many users employ a single password for access to all accounts and applications. If an
application is run in client-server mode and authentication information is sent across the network
in clear text, then it is likely that this same authentication information can be used to gain access
to other corporate resources. Because attackers know and use human characteristics (attack
methods known collectively as social engineering attacks), such as using a single password for
multiple accounts, they are often successful in gaining access to sensitive information.
IP Spoofing
An IP spoofing attack occurs when an attacker outside your network pretends to be a trusted
computer either by using an IP address that is within the range of IP addresses for your network
or by using an authorized external IP address that you trust and to which you wish to provide
access to specified resources on your network.

Note: A trusted computer is a computer that you have administrative control over or
one that you consciously make a decision to "trust" to allow access to your network.

Normally, an IP spoofing attack is limited to the injection of data or commands into an existing
stream of data passed between a client and server application or a peer-to-peer network
connection. To enable bi-directional communication, the attacker must change all routing tables
to point to the spoofed IP address. Another approach the attacker could take is to simply not
worry about receiving any response from the applications. If an attacker is attempting to get a
system to mail him a sensitive file, application responses are unimportant.
However, if an attacker manages to change the routing tables to point to the spoofed IP address,
he can receive all of the network packets that are addressed to the spoofed address and reply just
as any trusted user can. Like packet sniffers, IP spoofing is not restricted to people who are
external to your network.
Password Attacks
Password attacks can be implemented using several different methods, including brute force
attacks, Trojan horse programs (discussed later in the Application Layer Attacks section), IP
spoofing, and packet sniffers. Although packet sniffers and IP spoofing can yield user accounts
and passwords, password attacks usually refer to repeated attempts to identify a user account
and/or password. These repeated attempts are called brute force attacks.
Often a brute force attack is performed using a program that runs across the network and
attempts to log into a shared resource, such as a server. When an attacker successfully gains
access to a resource, he has the same rights as the user whose account has been compromised to
gain access to that resource. If this account has sufficient privileges, the attacker can create a
"back door" for future access, without concern for any status and password changes to the
compromised user account.
Distribution of Sensitive Information
Controlling the distribution of sensitive information is at the core of your network security
policy. While such an attack may not seem obvious to you, the majority of computer break-ins
that organizations suffer are at the hands of a disgruntled present or former employee (Miller,
Stewart S., Secure Your Data: Web Site Attacks On The Rise!, Inter@ctive Week, January 29,
1996.). At the core of these security breaches is the distribution of sensitive information to
competitors or others who will use it to your disadvantage. While an outside intruder can use
password and IP spoofing attacks to copy information, an internal user can easily place sensitive
information on an external computer or share a drive on the network with other users.
As an example, an internal user could place a file on an external FTP server without ever leaving
his desk. He could also e-mail an attachment that contains sensitive information to an external
user.
Man-in-the-Middle Attacks
A "man-in-the-middle" attack requires that the attacker have access to network packets that come
across the networks. An example configuration could be someone who is working for your
Internet service provider (ISP), who can gain access to all network packets transferred between
your network and any other network. Such attacks are often implemented using network packet
sniffers and routing and transport protocols. The possible uses of such attacks are theft of
information, hijacking an ongoing session to gain access to your internal network resources,
traffic analysis to derive information about your network and its users, denial of service,
corruption of transmitted data, and introduction of new information into network sessions.
Protecting Your Network: Maintaining Internal Network System Integrity
While protecting your information may be your highest priority, protecting the integrity of your
network is critical in your ability to protect the information that it contains. A breach in the
integrity of your network can be extremely costly in time and effort, and it can open multiple
avenues for continued attacks. In this section, we describe five methods of attack that are
commonly used to compromise the integrity of your network:
• network packet sniffers

• IP spoofing

• password attacks

• denial of service

• application layer attacks

When considering what to protect within your network, you are concerned with maintaining the
integrity of the physical network, your network software, any other network resources, and your
reputation. This integrity involves the verifiable identity of computers and users, proper
operation of the services that your network provides, and optimal network performance—all of
these concerns are important in maintaining a productive network environment. Below, we
describe the previously mentioned attacks and provide examples of how they can be used to
compromise your network's integrity.
Network Packet Sniffers
As we mentioned earlier, network packet sniffers can yield critical system information, such as
user accounts and passwords. Once an attacker obtains the correct account information, that
attacker has the run of your network. In a worst-case scenario, an attacker gains access to a
system-level user account, which the attacker uses to create a new account that can be used at
any time as a "back door" to get into your network and its resources. The attacker can modify
system critical files, such as the password for the system administrator account, the list of
services and permissions on file servers, and the login information for other computers that
contain confidential information.
Packet sniffers provide information about the topology of your network that many attackers find
useful. This information, such as what computers run which services, how many computers are
on your network, which computers have access to others, etc., can be deduced from the
information contained within the network packets that are distributed across your network as part
of necessary daily operations.
In addition, a network packet sniffer can be modified to interject new information or change
existing information in a network packet. By doing so, the attacker can cause network
connections to shut down prematurely, as well as change critical information within the packet.
Imagine what could happen if an attacker modified the information being transmitted to your
accounting system. The effects of such attacks can be hard to detect and can be very costly to
correct.
IP Spoofing
While IP spoofing can yield access to user accounts and passwords, these attacks also can be
used in other ways. One way is where an attacker emulates one of your internal users in ways
that prove embarrassing for your organization. For example, the attacker could send e-mail
messages to business partners that appear to have originated from someone within your
organization. Such attacks are easier when an attacker has a user account and password, but they
are possible by combining simple spoofing attacks with knowledge of messaging protocols.
Password Attacks
Just as with packet sniffers and IP spoofing attacks, a brute force password attack can provide
access to accounts that can be used to modify critical network files and services. An example that
compromises your network's integrity is where an attacker modifies the routing tables for your
network. By doing so, an attacker ensures that all network packets are routed to him before they
are transmitted to their final destination. In such a case, an attacker can monitor all of your
network traffic, effectively becoming a "man in the middle."
Denial-of-Service Attacks
Denial-of-service attacks are different from most other attacks because they are not targeted at
gaining access to your network or the information on your network. These attacks focus on
making a service unavailable for normal use, which is typically accomplished by exhausting
some resource limitation on the network or within an operating system or application.
When involving specific network server applications, such as an HTTP or FTP server, these
attacks can focus on acquiring and keeping open all of the available connections supported by
that server, effectively locking out those valid users of the server or service. Denial-of-service
attacks can also be implemented using common Internet protocols, such as TCP and ICMP. Most
denial-of-service attacks exploit a weakness in the overall architecture of the system being
attacked rather than a software bug or security hole. However, some attacks compromise the
performance of your networks by flooding the network with undesired, and often useless,
network packets and by providing false information about the status of network resources.
The New York-based Internet service provider (ISP), Panix Public Access Network Corporation,
recently brought to light just how vulnerable a network can be to denial-of-service attacks. Panix
was subjected to an extended attack that crippled access to all of its TCP-based services,
including the web sites and e-mail services that it hosted for its corporate clients. In this example,
the attacker sent up to 150 connection requests per second to Panix's hosts—a number of
requests that quickly filled up the hosts' crucial memory buffers (TCP pending connection
buffers) with pending connection attempts, making the hosts unreachable by legitimate clients.
Application Layer Attacks
Application layer attacks can be implemented using several different methods. One of the most
common methods is exploiting well-known weaknesses in software commonly found on servers,
such as sendmail, PostScript, and FTP. By exploiting these weaknesses, attackers can gain access
to a computer with the permissions of the account running the application, which is usually a
privileged system-level account.
Trojan horse program attacks are implemented using programs that an attacker substitutes for
common programs. These programs may provide all of the functionality that the normal program
provides, but they also include other features that are known to the attacker, such as monitoring
login attempts to capture user account and password information. These programs can capture
sensitive information and distribute it back to the attacker. They can also modify application
functionality, such as applying a blind carbon copy to all e-mail messages so that the attacker can
read all of your organization's e-mail.
One of the oldest forms of application layer attacks is a Trojan horse program that displays a
screen, banner, or prompt that the user believes is the valid login sequence. The program then
captures the information that the user types in and stores or e-mails it to the attacker. Next, the
program either forwards the information on to the normal login process (normally impossible on
modern systems) or simply sends an expected error to the user (for example, Bad
Username/Password Combination), exits, and starts the normal login sequence. The user,
believing that he has incorrectly entered his password (a common mistake experienced by
everyone), retypes the information and is allowed access.
One of the newest forms of application layer attacks exploits the openness of several new
technologies: the HTML specification, web browser functionality, and the HTTP protocol. These
attacks, which include Java applets and ActiveX controls, involve passing harmful programs
across the network and loading them through a user's browser.
Users of ActiveX controls may be lulled into a false sense of security by the Authenticode
technology promoted by Microsoft. However, attackers have already discovered how to utilize
properly signed and bug-free ActiveX controls to make them act as Trojan horses. This
technique uses VBScript to direct the controls to perform their dirty work, such as overwriting
files and executing other programs.
These new forms of attack are different in two respects:
• They are initiated not by the attacker but by the user who selects the HTML
page that contains the harmful applet or script stored using the <OBJECT>,
<APPLET>, or <SCRIPT> tags.

• Their attacks are no longer restricted to hardware platform and operating
systems because of the portability of the programming languages involved.

If you have been using the Internet for any length of time, and especially if you work at a larger company
and browse the Web while you are at work, you have probably heard the term firewall used. For example,
you often hear people in companies say things like, "I can't use that site because they won't let it through the
firewall."
If you have a fast Internet connection into your home (either a DSL connection or a cable modem), you may
have found yourself hearing about firewalls for your home network as well. It turns out that a small home
network has many of the same security issues that a large corporate network does. You can use a firewall to
protect your home network and family from offensive Web sites and potential hackers.

Symmetric-key cryptography

Symmetric-key cryptography refers to encryption methods in which both the sender and receiver
share the same key (or, less commonly, in which their keys are different, but related in an easily
computable way). This was the only kind of encryption publicly known until June 1976.[9]
[Figure: One round (out of 8.5) of the patented IDEA cipher, used in some versions of PGP for
high-speed encryption of, for instance, e-mail.]

The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and
stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of
Alberti's polyalphabetic cipher: block ciphers take as input a block of plaintext and a key, and
output a block of ciphertext of the same size. Since messages are almost always longer than a
single block, some method of knitting together successive blocks is required. Several have been
developed, some with better security in one aspect or another than others. They are the modes of
operation and must be carefully considered when using a block cipher in a cryptosystem.
The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are block
cipher designs which have been designated cryptography standards by the US government
(though DES's designation was finally withdrawn after the AES was adopted).[11] Despite its
deprecation as an official standard, DES (especially its still-approved and much more secure
triple-DES variant) remains quite popular; it is used across a wide range of applications, from
ATM encryption[12] to e-mail privacy[13] and secure remote access.[14] Many other block ciphers
have been designed and released, with considerable variation in quality. Many have been
thoroughly broken. See Category:Block ciphers.[10][15]
Stream ciphers, in contrast to the 'block' type, create an arbitrarily long stream of key material,
which is combined with the plaintext bit-by-bit or character-by-character, somewhat like the one-
time pad. In a stream cipher, the output stream is created based on a hidden internal state which
changes as the cipher operates. That internal state is initially set up using the secret key material.
RC4 is a widely used stream cipher; see Category:Stream ciphers.[10] Block ciphers can be used
as stream ciphers; see Block cipher modes of operation.
Cryptographic hash functions are a third type of cryptographic algorithm. They take a message
of any length as input, and output a short, fixed length hash which can be used in (for example) a
digital signature. For good hash functions, an attacker cannot find two messages that produce the
same hash. MD4 is a long-used hash function which is now broken; MD5, a strengthened variant
of MD4, is also widely used but broken in practice. The U.S. National Security Agency
developed the Secure Hash Algorithm series of MD5-like hash functions: SHA-0 was a flawed
algorithm that the agency withdrew; SHA-1 is widely deployed and more secure than MD5, but
cryptanalysts have identified attacks against it; the SHA-2 family improves on SHA-1, but it isn't
yet widely deployed, and the U.S. standards authority thought it "prudent" from a security
perspective to develop a new standard to "significantly improve the robustness of NIST's overall
hash algorithm toolkit."[16] Thus, a hash function design competition is underway and meant to
select a new U.S. national standard, to be called SHA-3, by 2012.
Message authentication codes (MACs) are much like cryptographic hash functions, except that a
secret key is used to authenticate the hash value[10] on receipt.
