What's the difference between Message Digest, Message Authentication Code, and HMAC?

Question

My understanding of a message digest is that it\'s an encrypted hash of some data sent along with the encrypted data so you may verify that the data has not been tampered wi

Answer 1

• A Message Digest is simply a hash of a message. It's the output of a cryptographic hash function applied to input data, which is referred to as a message.
• A Message Authentication Code (MAC) is a piece of information that proves the integrity of a message and cannot be counterfeited easily.
• A HMAC is a specific kind of MAC defined by RFC 2104.

Wikipedia has good articles covering all these terms: see Message Digest, Message Authentication Code, and HMAC.

Answer 2

• A message digest algorithm takes a single input -- a message -- and produces a "message digest" (aka hash) which allows you to verify the integrity of the message: Any change to the message will (ideally) result in a different hash being generated. An attacker that can replace the message and digest is fully capable of replacing the message and digest with a new valid pair.
• A MAC algorithm takes two inputs -- a message and a secret key -- and produces a MAC which allows you to verify the integrity and the authenticity of the message: Any change to the message or the secret key will (ideally) result in a different MAC being generated. Nobody without access to the secret should be able to generate a MAC calculation that verifies; in other words a MAC can be used to check that the MAC was generated by a party that has access to the secret key.
• A HMAC algorithm is simply a specific type of MAC algorithm that uses a hash algorithm internally (rather than, for example, an encryption algorithm) to generate the MAC.