Your SlideShare is downloading. ×
The Keyed-Hash Message
Authentication Code

HMAC
FIPS-198-1

http://www.youtube.com/zarigatongy
Follow Me @
http://youtube.com/zarigatongy

http://www.youtube.com/zarigatongy
Introduction
Typically, message authentication codes are
used between two parties that share a secret
key in order to auth...
HMAC Uses
• HMAC whenever you want integrity of the data
maintained (and authenticity)
• The key is part of the HMAC, sinc...
HMAC Specification
• To compute a MAC over the data ‘text’ using
the HMAC function, the following operation is
performed:
...
HMAC Construction

http://www.youtube.com/zarigatongy
Example : bash to calculate HMAC
#echo -n "value" | openssl dgst -sha1 -hmac
"key"
57443a4c052350a44638835d64fd66822f81331...
More Protocol Tutorials
•
•
•
•
•
•
•
•
•
•

AES Tutorial Click Here
X.509 Certificate
SSL Protocol Click here
DHCPv6 Prot...
Hmac The Keyed-Hash Message Authentication Code (HMAC)
Upcoming SlideShare
Loading in...5
×

Hmac The Keyed-Hash Message Authentication Code (HMAC)

65

Published on

Cryptographic key (key): a parameter used in conjunction with a cryptographic algorithm that determines the specific operation of that algorithm. In this Standard, the cryptographic key is used by the HMAC algorithm to produce a MAC on the data.
Hash function: a mathematical function that maps a string of arbitrary length (up to a pre- determined maximum size) to a fixed length string.
Keyed-hash message authentication code (HMAC): a message authentication code that uses a cryptographic key in conjunction with a hash function.
Message Authentication Code (MAC): a cryptographic checksum that results from passing data through a message authentication algorithm. In this Standard, the message authentication algorithm is called HMAC, while the result of applying HMAC is called the MAC.
Secret key: a cryptographic key that is uniquely associated with one or more entities. The use of the term "secret" in this context does not imply a classification level; rather the term implies the need to protect the key from disclosure or substitution.

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
65
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Hmac The Keyed-Hash Message Authentication Code (HMAC)"

  1. 1. The Keyed-Hash Message Authentication Code HMAC FIPS-198-1 http://www.youtube.com/zarigatongy
  2. 2. Follow Me @ http://youtube.com/zarigatongy http://www.youtube.com/zarigatongy
  3. 3. HMAC Illustration http://www.youtube.com/zarigatongy
  4. 4. Introduction Typically, message authentication codes are used between two parties that share a secret key in order to authenticate information transmitted between these parties. This Standard defines a MAC that uses a cryptographic hash function in conjunction with a secret key in order to authenticate information transmitted between these parties http://www.youtube.com/zarigatongy
  5. 5. HMAC Uses • HMAC whenever you want integrity of the data maintained (and authenticity) • The key is part of the HMAC, since it is a shared secret known between 2 parties only and only they can create the HMAC and no one else. (Ensures authenticity) • Length extension attacks are not possible on HMAC. MAC's on the other hand simply appends key to the message, which is susceptible to it. HMAC was introduced to overcome this attack on MAC's. http://www.youtube.com/zarigatongy
  6. 6. HMAC Specification • To compute a MAC over the data ‘text’ using the HMAC function, the following operation is performed: MAC(text)=HMAC(K, text) = H((K0⊕opad)|| H((K0⊕ipad) || text)) Terms • K= Secret Key, • K0=The key K after any necessary pre-processing to form a B byte key. • ⊕ = Exclusive OR • ipad=Inner Pad, the byte x’36‘ repeated B times. http://www.youtube.com/zarigatongy • opad=Outer Pad, the byte x‘5c‘ repeated B times.
  7. 7. HMAC Construction http://www.youtube.com/zarigatongy
  8. 8. Example : bash to calculate HMAC #echo -n "value" | openssl dgst -sha1 -hmac "key" 57443a4c052350a44638835d64fd66822f813319 #echo -n "value" | openssl sha1 -hmac "key" 57443a4c052350a44638835d64fd66822f813319 #echo '<?= hash_hmac("sha1", "value", "key") ?>' | php 57443a4c052350a44638835d64fd66822f813319 http://www.youtube.com/zarigatongy
  9. 9. More Protocol Tutorials • • • • • • • • • • AES Tutorial Click Here X.509 Certificate SSL Protocol Click here DHCPv6 Protocol Click Here CHAP Protocol Click Here ISCSI Protocol Tutorial Click Here BGP Tutorial Click Here RADIUS Protocol Click Here PPP Protocol Click Here PPPoE Protocol Click Here http://youtube.com/zarigatongy

×