Updated March 17, 2023
Introduction to HMAC
HMAC stands for Hash-based Message Authentication Code. It is a digital signature algorithm designed to reuse the message digest Algorithm like MD5 and SHA-1 and provide an efficient data integrity protocol mechanism. As HMAC is used to encrypt the plain text in a secure manner, it is being used in Secure Socket Layer protocol, SSL certificate and has been chosen as a mandatory security implementation for the internet protocol, i.e., IP.
How does HMAC Works?
Given below shows the working:
Step 1: Make the length of the symmetric key equal to several bits in each block.
There are three possibilities; based on each; we need to act to equal the length of the key to the number of bits. The length of a key is less than the number of bits in each block. In this case, to equal the length of a key to several bits, we need to expand the key’s length by adding many 0 bits.
The length of a key is equal to several bits in each block. We do not need to perform any action as the key is equal to the number of bits. The length of a key is greater than the number of bits in each block. In this case, to equal the length of the key to number bits, we need to trim the key by applying the message digest algorithm, which we will use to produce the HMAC.
Step 2: XOR symmetric with a pad.
In this step, we XOR the symmetric with the pad to produce a variable called S1.
Step 3: Append the original message to S1.
In this step, we append the original message at the end of S1.
Step 4: Apply the message-digest algorithm.
In this step, we apply the selected message-digest algorithm (MD5, SHA-1, SHA-512, etc.) to the output of step 3. Let’s assume the output of this step 4 is H
Step 5: XOR symmetric key with a pad.
In this step, XOR the symmetric key with pad to produce the variable called S2.
Step 6: Append H to S2.
In this step, we take the message digest, which is calculated in step 4 and append it at the end of the S2, which is derived in the previous step, i.e. step 5.
Step 7: Message digest algorithm.
In this step, we will apply the selected message-digest algorithm to the output of step 6. the generated Message digest of this step is the final MAC.
Disadvantages of HMAC
Below are some of the disadvantages given:
- Let us discuss some problems that we may face in the Hash-based Message Authentication Code. As we have discussed earlier, the Hash-based Message Authentication Code uses a symmetric key. The symmetric key means the same key used by the sender and the receiver. The problem that arises here is how the sender and receiver will exchange the key?.
- Somehow the above problem, the exchange of symmetric key is solved; we cannot use the Hash-based Message Authentication Code in case of more than one receiver. this is because HMAC uses the symmetric key to generate MAC. The symmetric key must be shared only by two parties, i.e. sender and receiver.
- Another problem is, if we share the symmetric with multiple parties, how the receiver knows that the message was prepared and sent by the sender, not other receivers the keys are also shared with them, so there is the possibility of fraud that one of the receivers may create false messages.
In this article we have seen the basic concept of the Hash-based Message Authentication Code, and it’s working.
This is a guide to HMAC. Here we discuss the introduction to Hash-based Message Authentication Code and its working with disadvantages. You can also go through our suggested articles to learn more –