What's the difference between Message Digest, Message Authentication Code, and HMAC?

和自甴很熟 提交于 2019-12-02 14:00:49
LukeH
  • A message digest algorithm takes a single input -- a message -- and produces a "message digest" (aka hash) which allows you to verify the integrity of the message: Any change to the message will (ideally) result in a different hash being generated. An attacker that can replace the message and digest is fully capable of replacing the message and digest with a new valid pair.
  • A MAC algorithm takes two inputs -- a message and a secret key -- and produces a MAC which allows you to verify the integrity and the authenticity of the message: Any change to the message or the secret key will (ideally) result in a different MAC being generated. Nobody without access to the secret should be able to generate a MAC calculation that verifies; in other words a MAC can be used to check that the MAC was generated by a party that has access to the secret key.
  • A HMAC algorithm is simply a specific type of MAC algorithm that uses a hash algorithm internally (rather than, for example, an encryption algorithm) to generate the MAC.
  • A Message Digest is simply a hash of a message. It's the output of a cryptographic hash function applied to input data, which is referred to as a message.
  • A Message Authentication Code (MAC) is a piece of information that proves the integrity of a message and cannot be counterfeited easily.
  • A HMAC is a specific kind of MAC defined by RFC 2104.

Wikipedia has good articles covering all these terms: see Message Digest, Message Authentication Code, and HMAC.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!