HMAC Generator
How HMAC Generation Works
HMAC combines a secret key with the hash function to produce an authentication code.
- 1
Key is prepared
The secret key is padded or hashed to match the hash function block size.
- 2
Inner and outer pads are computed
The key is XORed with inner and outer pad values.
- 3
Hash is computed twice
The hash of (outer pad + hash of (inner pad + message)) produces the HMAC.
FAQ
What is HMAC?
HMAC (Hash-based Message Authentication Code) is a type of message authentication code that uses a cryptographic hash function and a secret key to verify data integrity and authenticity.
When should I use HMAC?
Use HMAC when you need to verify that a message has not been altered and comes from a sender with the shared secret key. It is commonly used in API authentication and data integrity verification.
What is the difference between HMAC-SHA256 and HMAC-SHA512?
HMAC-SHA256 uses the SHA-256 hash function producing a 256-bit tag, while HMAC-SHA512 uses SHA-512 producing a 512-bit tag. HMAC-SHA512 provides more security bits but is slower on 32-bit systems.