HMAC is a MAC algorithm designed by Bellare et al.  in 1996. A MAC algorithm is a cryptographic algorithm that computes a complex function of a data string and a secret key; the resulting MAC value is typically appended to the string to protect its authenticity. HMAC is a MAC algorithm based on a hash function. This type of construction became popular, because in the mid to late 1990's no secure and efficient custom designed MAC algorithms were available and hash functions (such as MD5) offered a much better performance than block ciphers; this implies that HMAC is faster than CBC-MAC. HMAC offers the advantage that it can be implemented without making any modification to the code of the hash function itself.
We present a description of HMAC for use with hash functions such as MD5, RIPEMD-160, and SHA-1, that process inputs in blocks of 512 bits; it is straightforward to extend this description to other hash functions:
Here Kis the key of the MAC algorithm (padded with zeroes to a...
This is a preview of subscription content, access via your institution.
Bellare, M., R. Canetti, and H. Krawczyk (1996). “Keying hash functions for message authentication.” Advances in Cryptology, Proceedings Crypto '96, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 1–15. Full version http://www.cs.ucsd.edu/users/mihir/papers/hmac.html
FIPS 198 (2002). The Keyed-Hash Message Authentication Code (HMAC). NIST, US Department of Commerce, Washington, DC.
ISO/IEC 9797 (2002). “Information technology—Security techniques—Message Authentication Codes (MACs), Part 2: Mechanisms using a dedicated hash-function.”
Krawczyk, H., M. Bellare, and R. Canetti (1997). HMAC: Keyed-Hashing for Message Authentication. RFC 2104.
Preneel, B. and P.C. van Oorschot (1995). “MDx-MAC and building fast MACs from hash functions.” Advances in Cryptology—CRYPTO'95, Lecture Notes in Computer Science, vol. 963, ed. D. Coppersmith. Springer-Verlag, Berlin, 1–14.
Editors and Affiliations
© 2005 International Federation for Information Processing
About this entry
Cite this entry
Preneel, B. (2005). HMAC. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA . https://doi.org/10.1007/0-387-23483-7_187
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-23473-1
Online ISBN: 978-0-387-23483-0