HMAC

From CRYPTUTOR

Jump to: navigation, search

This page is under construction. Do not rely on its accuracy until it is finished. Please edit this page or use the talk page to leave comments.

HMAC is a keyed-hash MAC and is a heuristic variant of NMAC. While in NMAC there are two randomly chosen keys, here keys are drawn from a single key as :

  • k_1=f(k\oplus pad_1)~
  • k_2=f(k\oplus pad_2)~

where f~ is a one way function and pad_1~ and pad_2~ are two deterministic numbers. Assuming k_1~ and k_2~ are somehow uncorrelated, HMAC is an approximation of NMAC which has proven security:

  • \mathsf{HMAC_k}(m)=F^'(k\oplus pad_1||F^'(k\oplus pad_2 ||m))=F_{k\oplus pad_1}(F_{k\oplus pad_2}(m))

where F^'~ is a keyless hash function (such as MD5, SHA1, ...).

Retrieved from "http://crypto.cs.uiuc.edu/wiki/index.php/HMAC"