HMAC (Hash-based Message Authentication Code) is a type of a message authentication code (MAC) that is acquired by executing a cryptographic hash function on the data (that is) to be authenticated and a secret shared key. Like any of the MAC, it is used for both data integrity and authentication. Checking data integrity is necessary for the parties involved in communication. HTTPS, SFTP, FTPS, and other transfer protocols use HMAC. The cryptographic hash function may be MD-5, SHA-1, or SHA-256. Digital signatures are nearly similar to HMACs i.e they both employ a hash function and a shared key. The difference lies in the keys i.e HMACs use symmetric key(same copy) while Signatures use asymmetric (two different keys).
Processes and decisions pertinent to business are greatly dependent on integrity. If attackers tamper this data, it may affect the processes and business decisions. So while working online over the internet, care must be taken to ensure integrity or least know if the data is changed. That is when HMAC comes into use.
- Verification of e-mail address during activation or creation of an account.
- Authentication of form data that is sent to the client browser and then submitted back.
- HMACs can be used for Internet of things (IoT) due to less cost.
- Whenever there is a need to reset the password, a link that can be used once is sent without adding a server state.
- It can take a message of any length and convert it into a fixed-length message digest. That is even if you got a long message, the message digest will be small and thus permits maximizing bandwidth.
Working of HMAC
HMACs provides client and server with a shared private key that is known only to them. The client makes a unique hash (HMAC) for every request. When the client requests the server, it hashes the requested data with a private key and sends it as a part of request. Both the message and key are hashed in separate steps making it secure. When the server receives request, it makes its own HMAC. Both the HMACS are compared and if both are equal, the client is considered legitimate.
Formula for HMAC:
HMAC = hashFunc(secret key + message)
There are three types of authentication functions. They are message encryption, Message authentication code, and hash functions. Major difference between MAC and hash (HMAC here) is the dependence of a key. In HMAC we have to apply the hash function along with a key on the plain text. The hash function will be applied to the plain text message. But before applying, we have to compute S bits and then append it to plain text and after that apply hash function. For generating those S bits we make use of a key that is shared between the sender and receiver.
Using key K (0 < K < b), K+ is generated by padding O’s on left side of key K until length becomes b bits. The reason why it’s not padded on right is change(increase) in the length of key. b bits because it is the block size of plain text. There are two predefined padding bits called ipad and opad. All this is done before applying hash function to the plain text message.
ipad - 00110110
opad - 01011100
Now we have to calculate S bits
K+ is EXORed with ipad and the result is S1 bits which is equivalent to b bits since both K+ and ipad are b bits. We have to append S1 with plain text messages. Let P be the plain text message.
S1, p0, p1 upto Pm each is b bits. m is the number of plain text blocks. P0 is plain text block and b is plain text block size. After appending S1 to Plain text we have to apply HASH algorithm (any variant). Simultaneously we have to apply initialisation vector (IV) which is a buffer of size n-bits. The result produced is therefore n-bit hashcode i.e H( S1 || M ).
Similarly, n-bits are padded to b-bits And K+ is EXORed with opad producing output S2 bits. S2 is appended to the b-bits and once again hash function is applied with IV to the block. This further results into n-bit hashcode which is H( S2 || H( S1 || M )).
- Select K.
If K < b, pad 0's on left until k=b. K is between 0 and b ( 0 < K < b )
- EXOR K+ with ipad equivalent to b bits producing S1 bits.
- Append S1 with plain text M
- Apply SHA-512 on ( S1 || M )
- Pad n-bits until length is equal to b-bits
- EXOR K+ with opad equivalent to b bits producing S2 bits.
- Append S2 with output of step 5.
- Apply SHA-512 on step 7 to output n-bit hashcode.
- HMACs are ideal for high-performance systems like routers due to the use of hash functions which are calculated and verified quickly unlike the public key systems.
- Digital signatures are larger than HMACs, yet the HMACs provide comparably higher security.
- HMACs are used in administrations where public key systems are prohibited.
- HMACs uses shared key which may lead to non-repudiation. If either sender or receiver’s key is compromised then it will be easy for attackers to create unauthorized messages.
Attention reader! Don’t stop learning now. Get hold of all the important DSA concepts with the DSA Self Paced Course at a student-friendly price and become industry ready.
- How message authentication code works?
- Message Authentication Codes
- Difference between Memory based and Register based Addressing Modes
- PGP - Authentication and Confidentiality
- Types of Two-factor Authentication
- Authentication in Computer Network
- Password Authentication Protocol (PAP)
- Difference between Authentication and Authorization
- What is AAA (Authentication, Authorization, and Accounting)?
- 3D passwords-Advanced Authentication Systems
- Internet Protocol Authentication Header
- AAA (Authentication, Authorization and Accounting) configuration (locally)
- Challenge Response Authentication Mechanism (CRAM)
- Challenge Handshake Authentication Protocol (CHAP)
- Computer Network | AAA (Authentication, Authorization and Accounting)
- Difference between Fastag, Bar Code, QR Code and NFC
- How to pop an alert message box using PHP ?
- Message switching techniques
- Message Passing in Java
- Message Digest in Information security
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to email@example.com. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.