HMAC terminology clarification

[Ntr0P]

I've been reading up on cryptography but have been a bit confused by terminology as it relates specifically to HMAC and keyed digests.

Are these the same and if not, can someone provide a clear differentiation? I've not found an adequate explanation of either. In some cases they seem to be used interchangeably.

TIA

 

[JasonDeckard]

HMAC is one implementation of a keyed digest. That is, HMAC is a keyed digest, but not all keyed digests are HMACs (a Dodge RAM is a truck, but not all trucks are Dodge RAMs).

Keyed digests use hashing algorithms to create digests of messages and the key that will be used to encrypt the message. HMAC accomplishes this by doing the following:

1) Pad the key out to 64 bytes with null character.
2) XOR the 64 byte key (and padding) with 0x36.
3) Append the message to the 64 byte padded key.
4) Create a digest of the padded key and message.
5) XOR the padded key from step 1 with 0x5C.
6) Append the digest created in step 1 to the padded key from step 5.
7) Create a digest of the result of step 6, and you have your HMAC.

HMAC can handle symmetric key lengths of up to 512 bits. HMAC is the de facto standard in keyed digests, and I expect that will remain the case until 512 is deemed unacceptably short.


Cheers,

Jason Deckard

 

[JasonDeckard]

Correction - step 6 should read:

Append the digest created in step 4 to the padded key from step 5.

 

[Ntr0P]

Many thanks for that clarification! Much appreciated!