Definition Edit

A hash-based message authentication code (HMAC) is

a message authentication code that uses a cryptographic key in conjunction with a hash function.[1]

Overview Edit

A secure hash can be used to create a hash-based message authentication code (HMAC), if the parties to a message share a secret key. If a sender sends a message and its HMAC to a recipient, he can recompute the HMAC to protect against changes in the data from any source. An attacker can intercept the message and replace it with a new message, but he cannot compute an acceptable HMAC without knowing the secret key. If the recipient trusts the sender, he may accept an HMAC as authenticating the sender’s identity. However, the services of confidentiality and non-repudiation are not provided.[2]

References Edit

  1. NIST FIPS 201.
  2. NIST Special Publication 800-32, Introduction to Public Key Technology and the Federal PKI Infrastructure 10 (Feb. 26, 2001) (full-text).

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.