What is HMAC (Hash-Based Message Authentication Code)?

How hash-based message authentication code works

HMAC provides a valid and reliable way for transacting parties to ensure that their messages have not been tampered with by an unauthorized or malicious party. The HMAC code or key consists of the following two parts:

1. A shared set of cryptographic keys for the sender or client and recipient or server. The sender and recipient use the same key to generate and verify the HMAC.
2. A generic cryptographic hash function, like SHA-1 or RIPEMD-128/60.

The formula for HMAC is represented as the following:

HMAC = hashFunc(secret key + message)

In a messaging transaction between a client and a server involving HMAC, the client creates a unique HMAC or hash by hashing the request data with the private keys and sending it as part of a request. The server receives the request and regenerates its own unique HMAC. It then compares the two HMACs. If they are equal, the client is trusted and considered legitimate, and the request is executed. This process is often called a secret handshake.

Security in hash-based message authentication code

HMAC is more secure than MAC because the key and the message are hashed in the following separate steps:

HMAC(key, msg) = H(mod1(key) || H(mod2(key) || msg))

The client first hashes the data with a private key and sends it to the server as part of the request. The server then makes its own HMAC. This ensures the process is not susceptible to extension attacks that could cause elements of the key to be leaked as successive MACs are created.

Also, once the process is complete, the sent message becomes irreversible and resistant to hacking. Even if a malicious party tries to intercept the message, they will not be able to guess its length or decrypt it because they will not have the decryption key. In effect, the HMAC process renders the message contents unreadable and useless to the hacker.

Applications of HMAC

HMAC is considered a secure method to authenticate messages because it is difficult to forge if the potential forger does not know the secret shared key. The method is also resistant to dictionary attacks, where an attacker uses brute force to decode their way into a password-protected device by running through common words and phrases in a dictionary. That said, it is important to use a strong and unique secret key to maximize the security benefits of HMAC.

Since HMAC provides dual levels of protection, it is ideal for applications involving sensitive data, such as personally identifiable information or credit card numbers. It also provides more extensive security than traditional measures, making it suitable for use in regulated industries like healthcare or finance.

HMAC encryption is also suitable for internet of things (IoT) environments, high-performance systems like routers and user email address verification. HMAC can also be used in security-critical applications where public key systems are either inadequate or prohibited. Possible applications for HMAC include the following:

• To authenticate form data sent to a client browser and resubmit.
• To generate secure hashes for storing passwords.
• To generate unique session management tokens.

Hash-based message authentication code vs. digital signature

A digital signature is a way to validate the authenticity and integrity of a digital document and sender with the help of asymmetric public key cryptography. Like HMACs, digital signatures also use a hash function and a shared key. However, HMACs use a symmetric key -- i.e., the same key is shared between the sender and recipient -- while a digital signature uses asymmetric keys, meaning the sender and recipient use two different keys.

Both HMACs and digital signatures ensure the integrity and authenticity of the message. Integrity means that the message has not been altered. If it is, the hash function gives a different value in return, so the recipient knows someone has tampered with the message. Authenticity indicates that the recipient is confident the message originates from the sender. Both methods ensure integrity and authenticity because the keys that encrypt the hash are unknown to a third party -- who could be a malicious adversary -- thus proving to the recipient that the message came from the expected sender.

In addition to ensuring integrity and authenticity, digital signatures are also used for nonrepudiation, meaning neither the sender nor recipient can deny having processed the information once it has been sent. HMACs are generally not used for nonrepudiation purposes.

How to implement HMAC

To implement HMAC, perform the following steps:

1. Choose a hash function such as SHA-256.
2. Create a random secret key known only to the sender and receiver.
3. Put the HMAC algorithm in place for the HMAC computation.
4. Ensure that recipient(s) can recompute and compare HMACs.

It is essential that the secret keys be properly secured, as this can prevent a hacker from taking over the communicating server.

Should your organization use HMAC?

Is using HMAC the best way to achieve secure communications? The following are some considerations for making that decision. HMAC is a strong choice in the following situations:

• Data integrity is a high priority.
• An organization receives payments online.
• There are heavy regulations or compliance requirements for the organization's handling of data.
• An organization's servers contain trade secrets or sensitive information like payment information.
• There is an in-house IoT network that must be secured.

Although HMAC can provide secure communications, it does not provide confidentiality and should be encrypted with a separate encryption algorithm, such as the Advanced Encryption Standard, to ensure full security.

Learn the basics of symmetric key encryption, including key encryption terms.