HMAC
HMAC
For example HMAC1 SHA256 is HMAC scramble the message with a key and hash with SHA256.
ghci> import Crypto.MAC.HMAC
ghci> import Crypto.Hash
ghci> hmacGetDigest $ hmac ("secret key"::ByteString) ("hello world"::ByteString) :: Digest SHA256
c61b5198df58639edb9892514756b89a36856d826e5d85023ab181b48ea5d018
ghci> hmacGetDigest $ hmac ("secret key"::ByteString) ("hello world"::ByteString) :: Digest Blake2b_256
198e317eba56eee5056b88f527c895d6235ace9153fdf6467e38c2758073328c
The scramble part is defined in rfc21041, H is hash function e.g. SHA256, K is secret key and , is concat
ipad = the byte 0x36 repeated B times
opad = the byte 0x5C repeated B times
H(K XOR opad, H(K XOR ipad, text))
MAC can be used in senario like:
- Exchange private message, append a MAC of the message to proof it is not tampered, very similar to usage of hash function, but hash function is mainly use for public messages, for example a file from public website that everyone can download.
- Pseudo Random Generator(PRG),
HMAC(salt, seed)generate a pretty random enough key can be used in KDF