--%>
Assignment Help - homework help

Key-Hashed Message Authentication Codes or HMACS

What is Key-Hashed Message Authentication Codes or HMACS?

E

Expert

Verified

Digital signatures provide message-by-message authentication, as well as message integrity. Unfortunately the use of digital signatures requires that parties have a public/private key pair and that a secure mechanism for distributing public keys exists. There is also overhead for computing the digital signature, since slow public key encryption is used. Because of these shortcomings another approach to message-by-message authentication is often used - key-hashed message authentication codes. This approach requires that both parties share some secret information, usually a symmetric key. Most cryptographic systems, systems that provide authentication and confidentiality, provide this. The process involves appending the secret shared information to the message and then computing the hash, which is called the HMAC. The HMAC is sent with the message. The receiver recalculates the HMAC from the plaintext part of the message using its own copy of the shared secret information. If the calculated HMAC is equal to the received HMAC, the message is authenticated.

The advantage of using HMACs is reduced computation and not needing to maintain a public key infrastructure. However, HMACs do not provide for non-repudiation as both sides know the secret shared information and the receiver could construct a HMAC for a message that the sender did not send. Digital signatures must be used if non-repudiation is required.

   Related Questions in Computer Networking