Authentication can be divided into entity authentication and message authentication. Obviously, message authentication code can only realize message authentication, while digital signature can realize entity authentication and message authentication at the same time.
Message authentication is divided into two parts: message source authentication (that is, the source of the message has not been impersonated) and message integrity (that is, the message has not been maliciously tampered with).
First question, what is the difference between message source authentication and entity authentication?
Message source authentication only means that the source of the message is reliable, because no one knows the key corresponding to the message authentication code (that is, the key of HMAC) except the sender and the receiver.
The requirements for entity authentication are higher. The private key of digital signature only belongs to the signer, and the corresponding public key is used to verify the signature. The identity of the public key and the signer is bound by the certificate, so the signature can only be generated by the owner of the private key, and it is undeniable. So the key is that the digital signature uses the private key (which is indirectly bound to the signer's identity), and both parties of the message authentication code use the same key.
Second question, what is the difference between message authentication and digital signature?
Both message authentication code and digital signature belong to the application of hash function (message integrity). Digital signature is actually a message authentication technology, but digital signature belongs to asymmetric cryptosystem, while message authentication code belongs to symmetric cryptosystem, so the processing speed of message authentication code will be much faster than that of digital signature, but message authentication code cannot achieve non-repudiation.
Thirdly, both message authentication and digital signature ensure the source of information (that is, the sender of communication). What is the significance of user authentication?
You should understand what I said before. In fact, message source authentication is still a part of message authentication, which is different from real entity authentication.
Finally, when reviewing cryptography, don't look at each chapter in isolation, each chapter is related, sort out the contents of the whole chapter, and find out which are the nature or purpose, and which are the technical means to achieve these purposes. For example, message authentication and entity authentication are attributes or purposes here, while message authentication code and digital signature are corresponding technical means.