Hash message authentication code (HMAC) is a specific construction for calculating a message authentication code (MEC) involving a cryptographic hash function in combination with a secret cryptographic key and cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it say it simple encryption and decryption of text.
1. What is MAC?
MAC stands for Massage Authentication Code. It's basically a checksum for data going though insecure channel.
A general step-by-step process of how a generic MAC function works can be described as following:
A few MAC algorithms are available. DES and AES are among the most well known ones.
2. MAC is different from MD (Message Digest).
Message Digest (MD) is like MAC in the way that it is also a kind of checksum. However, 'this checksum' is computed by a hash function that takes only the message as input, instead of the message and a shared secret key as in MAC. But MD is widely used in Public Key Infrastructure when computing the digital signatures.
3. What is HMAC?
Hash message authentication code (HMAC) is a specific construction for calculating a message authentication code (MEC) involving a cryptographic hash function in combination with a secret cryptographic key.
Theoretically, any hash fuction could be used with HMAC, although more secure hashing functions are preferable. Commonly used hash functions are MD5 and SHA-1. As computers become more and more powerful, increasingly complex hash functions will probably be used. Furthermore, there are several generations of SHA hashing functions (SHA-256, SHA-384, and SHA-512) which are currently available but not very widely used as their added security is not yet believed to be needed in everyday transactions.
4. How HMAC works?
HMAC generates a Message Authentication Code by the following formula:
The HMAC(M) is then sent as any typical MAC(M) in a message transaction over insecure channels (See section 1). Again, any hash function can be used, but MD5 and SHA-1 seem to be most popular.
5. Why use HMAC?
Speed is the main reason. Hash functions are much faster than block ciphers such as DES and AES in software implementation
However, HMAC, as a cryptographic mechanism, is repudiatable. That is, Bob cannot demonstrate that data really came from Alice -- both a sender and a receiver can generate an exactly same HMAC output (so Bob could have made the data himself). This is unlike digital signatures which only the sender can generate.
ref:- http://krytosvirus.com/text/HMAC.htm
1. What is MAC?
MAC stands for Massage Authentication Code. It's basically a checksum for data going though insecure channel.
A general step-by-step process of how a generic MAC function works can be described as following:
- Sender sends Message & MAC(Message, K), M1
- Receiver receives both parts
- Receiver makes his own MAC(Message, K), M2
- If M2 != M1, data has been corrupted
- If M2 == M1, data is valid
A few MAC algorithms are available. DES and AES are among the most well known ones.
2. MAC is different from MD (Message Digest).
Message Digest (MD) is like MAC in the way that it is also a kind of checksum. However, 'this checksum' is computed by a hash function that takes only the message as input, instead of the message and a shared secret key as in MAC. But MD is widely used in Public Key Infrastructure when computing the digital signatures.
3. What is HMAC?
Hash message authentication code (HMAC) is a specific construction for calculating a message authentication code (MEC) involving a cryptographic hash function in combination with a secret cryptographic key.
Theoretically, any hash fuction could be used with HMAC, although more secure hashing functions are preferable. Commonly used hash functions are MD5 and SHA-1. As computers become more and more powerful, increasingly complex hash functions will probably be used. Furthermore, there are several generations of SHA hashing functions (SHA-256, SHA-384, and SHA-512) which are currently available but not very widely used as their added security is not yet believed to be needed in everyday transactions.
4. How HMAC works?
HMAC generates a Message Authentication Code by the following formula:
HMAC(M) = H[(K+opad) & H[(k+ipad) & M]]
- M = Message
- H[] = Underlying Hash function
- K = Shared Secret Key
- opad = 36hex, repeated as needed
- ipad = 5Chex, repeated as needed
- & = concatenation operation
- + = XOR operation
The HMAC(M) is then sent as any typical MAC(M) in a message transaction over insecure channels (See section 1). Again, any hash function can be used, but MD5 and SHA-1 seem to be most popular.
5. Why use HMAC?
Speed is the main reason. Hash functions are much faster than block ciphers such as DES and AES in software implementation
However, HMAC, as a cryptographic mechanism, is repudiatable. That is, Bob cannot demonstrate that data really came from Alice -- both a sender and a receiver can generate an exactly same HMAC output (so Bob could have made the data himself). This is unlike digital signatures which only the sender can generate.
ref:- http://krytosvirus.com/text/HMAC.htm
No comments:
Post a Comment