« RSA Encryption and Digital Signature | Main | Diffie Hellman »

March 07, 2005

MAC and HMAC

MAC (Message Authentication Code) and HMAC (Keyed-Hashing for Message Authentication Code) are mechanism for providing integrity when the data transfer over untrusted enviroment like internet, they are work base on shared secret key.
When we use MAC mechanism based on cryptographic hash functions so it called HMAC. there are different cryptographic hash functions like SHA-1,MD5,RIPEMD-160,PANAMA,SHA256 and etc.
Let's take a look to HMAC mathematical algorithm :

HMAC(Message) = Hash[(Key XOR OPAD) || Hash(Key XOR IPAD) || Message]
|| means concatenation operation
OPAD (outer padding) = 36hex, repeated as needed
IPAD (inner padding) = 5Chex, repeated as needed

for instance :
message : welcome to ippacket site
secret key : mehrdad
HMAC digest by MD5 = 76960728e94b2693149728b076c614cf
HMAC digest by SHA-1 = 95ab25cb679c193fe141cb92e55126876a5285ea
HMAC digest by RIPEMD160 = fd9bab4a7f4b69d895fbb38f2fb09972c7137c43

MAC is simple than HMAC , it uses encryption like DES.

* HMAC RFC is RFC 2104 you can read it from FAQ.ORG

Posted by Mehrdad at March 7, 2005 04:42 PM