Cryptographic Tools
What is HMAC?
HMAC (Hash-based Message Authentication Code) is a cryptographic technique that combines a hash function with a secret key to create a message authentication code. It provides both data integrity and authenticity verification, ensuring that a message hasn't been tampered with and comes from a trusted source.
- Data Integrity: Detects any changes to the original message
- Authentication: Verifies the message comes from someone with the secret key
- Non-repudiation: Proves the sender cannot deny sending the message
- Key-dependent: Same message with different keys produces different HMACs
How HMAC Works
- Key Padding: Secret key is padded to match hash block size
- Inner Hash: hash((Key ⊕ inner_pad) ‖ message) → inner_hash, where ‖ is concatenation
- Outer Hash: hash((Key ⊕ outer_pad) ‖ inner_hash) → final HMAC
- Result: Fixed-length authentication code
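The four steps above written out in Python, as an added example that is not code from this page. The key and messages are constructed sample values; the pad bytes 0x36/0x5C and the rule that a key longer than one block is hashed first come from RFC 2104, not from the page. The result is checked against Python's standard `hmac` module, and verification uses a constant-time comparison.

```python
import hashlib
import hmac


def hmac_manual(key: bytes, message: bytes, algo: str = "sha256") -> bytes:
    """HMAC built step by step (construction per RFC 2104)."""
    block_size = hashlib.new(algo).block_size  # 64 bytes for SHA-256, 128 for SHA-512
    # Key padding: a key longer than one block is hashed first (RFC 2104),
    # then the key is right-padded with zero bytes up to the block size.
    if len(key) > block_size:
        key = hashlib.new(algo, key).digest()
    key = key.ljust(block_size, b"\x00")
    inner_key = bytes(b ^ 0x36 for b in key)  # Key XOR inner_pad
    outer_key = bytes(b ^ 0x5C for b in key)  # Key XOR outer_pad
    # Inner hash over (inner_key || message), outer hash over (outer_key || inner_hash).
    inner_hash = hashlib.new(algo, inner_key + message).digest()
    return hashlib.new(algo, outer_key + inner_hash).digest()


def verify(key: bytes, message: bytes, tag: bytes, algo: str = "sha256") -> bool:
    """Recompute the tag and compare in constant time to avoid a timing side channel."""
    return hmac.compare_digest(hmac_manual(key, message, algo), tag)


# Constructed sample values, not taken from the page.
KEY = b"constructed-demo-key-not-for-production"
MSG = b"amount=100&to=alice"


def demo() -> dict:
    tag = hmac_manual(KEY, MSG)
    return {
        "matches_stdlib": tag == hmac.new(KEY, MSG, hashlib.sha256).digest(),
        "tag_len": len(tag),  # fixed length: 32 bytes for SHA-256
        "accepts_original": verify(KEY, MSG, tag),
        "rejects_tampered": not verify(KEY, b"amount=900&to=alice", tag),
        "rejects_other_key": not verify(b"another-key", MSG, tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

In application code, call `hmac.new(...)` and `hmac.compare_digest(...)` directly; the manual version is only there to make the construction visible.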
Common Use Cases
- API Authentication: Verify API requests
- Digital Signatures: Sign documents and messages
- Session Tokens: Secure session management
- Data Integrity: Verify file downloads
- Password Storage: Hash passwords with salts
- Blockchain: Verify transaction integrity
Algorithm Comparison
| Algorithm | Output Size | Security |
|---|---|---|
| SHA-256 | 256 bits | Strong |
| SHA-512 | 512 bits | Strongest |
| SHA-1 | 160 bits | Weak |
| MD5 | 128 bits | Broken |
Example
Message: "Hello, World!"
Key: "mySecretKey123"
Algorithm: SHA-256
HMAC: a4d7c0...
Best Practices
- Use SHA-256 or SHA-512 for security
- Keep your secret key confidential
- Use random, long keys (32+ characters)
- Never reuse keys across different purposes
- Store keys securely (not in code)
- Rotate keys periodically