Classical Cryptography Simulator

HMAC - Hash-based Message Authentication Code

Comprehensive HMAC implementation with detailed step-by-step computation, security analysis, and interactive simulation.

HMAC Formula and Theory
Mathematical foundation and algorithm description

HMAC Formula


HMAC(K, M) = H((K ⊕ opad) || H((K ⊕ ipad) || M))

Where:
- H = Cryptographic hash function (SHA-256 in this simulator; HMAC is also defined over SHA-1, MD5, SHA-512 and other iterated hashes, but new designs should use the SHA-2 family)
- K = Secret key
- M = Message to authenticate
- ipad = Inner padding (0x36 repeated block size times)
- opad = Outer padding (0x5C repeated block size times)
- || = Concatenation
- ⊕ = XOR operation
  

Algorithm Steps

  1. Prepare key K to match the hash block size: if K is longer than one block, replace it with H(K); then right-pad with zero bytes to exactly one block (64 bytes for SHA-256)
  2. Compute K XOR ipad (inner padding)
  3. Compute inner hash: H((K XOR ipad) || M)
  4. Compute K XOR opad (outer padding)
  5. Compute outer hash: H((K XOR opad) || inner)
  6. The final HMAC tag is the outer hash result (the tag may be truncated, but never below 80 bits or half the digest length)
Interactive HMAC Computation
Compute HMAC for a custom message and key with detailed steps

Default message: "Data"

Default key: "key123"

Block size: 64 bytes (SHA-256)

Security Properties
What the HMAC tag proves about the message

Message Authentication

HMAC proves the message originated from someone knowing the secret key

Only someone with K can generate the correct HMAC tag

Message Integrity

Any change to the message will produce a different HMAC tag

Hash functions are sensitive to input changes

Key Security

The tag does not reveal K: the key enters only through the two keyed hash inputs and is never part of the output

Because verification needs the same secret, HMAC authenticates only between parties that share K; it gives no non-repudiation (use a digital signature for that)

Collision Resistance

Without K an attacker cannot compute tags at all, so searching for two messages with the same tag is not a practical attack

HMAC's security proof requires only that the compression function of H behave as a pseudorandom function, not full collision resistance of H; this is why HMAC-MD5 survived the collision attacks on MD5, although deprecated hashes should still be avoided in new designs

HMAC vs Plain Hash
Key differences between HMAC and regular hash functions

Secret Key

HMAC:

Requires secret key for computation

Plain Hash:

No key required, anyone can compute

Authentication

HMAC:

Provides message authentication

Plain Hash:

Only provides integrity, no authentication

Security

HMAC:

Protected against length extension attacks: the tag is the output of the outer hash, and an attacker cannot continue the outer computation without K XOR opad

Plain Hash:

A keyed hash built as H(K || M) over a Merkle-Damgård hash (MD5, SHA-1, SHA-256) is vulnerable to length extension: from the tag and len(K), an attacker can compute a valid tag for M || padding || suffix without knowing K

Use Case

HMAC:

Message authentication codes

Plain Hash:

Checksums, content addressing, and the digest that a digital signature is computed over (the signing key, not the hash, provides authentication there)

Example: M = "Data", K = "key123"
Complete HMAC computation with the given example values

Step-by-Step Computation:

(a) HMAC Formula:
HMAC(K, M) = H((K ⊕ opad) || H((K ⊕ ipad) || M))
H = SHA-256, block size 64 bytes
ipad = 0x36 repeated 64 times
opad = 0x5C repeated 64 times
(b) Inner Hash:
K = "key123" → 6b6579313233, shorter than one block, so it is padded with 58 zero bytes: 6b6579313233 00…00
K ⊕ ipad = 6b6579313233 00…00 ⊕ 3636…36 = 5d534f070405 followed by 58 bytes of 36
M = "Data" → 44617461
H((K ⊕ ipad) || M) = SHA-256(5d534f070405 36…36 || 44617461)
Inner hash = [computed hash value] (32 bytes)
(c) Outer Hash:
K ⊕ opad = 6b6579313233 00…00 ⊕ 5c5c…5c = 3739256d6e6f followed by 58 bytes of 5c
H((K ⊕ opad) || inner) = SHA-256(3739256d6e6f 5c…5c || [inner hash])
Outer hash = [final HMAC tag] (32 bytes, 64 hex characters)
(d) What HMAC Proves:
• Message authenticity: only someone holding K could have generated this tag
• Message integrity: any change to M produces a different tag
• Key security: the tag reveals nothing about K, and K is never transmitted
(e) HMAC vs Plain Hash Difference:
HMAC requires a secret key and therefore provides authentication
A plain hash has no key and only provides integrity against accidental corruption
HMAC is secure against length extension attacks, unlike SHA-256(K || M)
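The six Algorithm Steps and the "Data"/"key123" walk-through above, carried out in working Python as an added example (not the simulator's own code). It uses only the standard library; hmac_manual, hmac_reference and verify_tag are this example's own names. The manual result is compared with hmac.new, so a mistake in the key padding or the XOR steps would show up as a mismatch, and running it prints the intermediate values that the walk-through leaves as placeholders.

```python
import hashlib
import hmac


def hmac_manual(key: bytes, msg: bytes, hash_name: str = "sha256") -> dict:
    """HMAC(K, M) computed step by step (RFC 2104 / FIPS 198-1),
    returning every intermediate value as hex."""
    block_size = hashlib.new(hash_name).block_size   # 64 for SHA-256, 128 for SHA-512

    # Step 1: normalise the key to exactly one block.
    #   longer than a block  -> hash it first
    #   shorter than a block -> right-pad with zero bytes
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block_size, b"\x00")

    ipad = bytes([0x36] * block_size)
    opad = bytes([0x5C] * block_size)

    # Steps 2-3: inner hash H((K xor ipad) || M)
    k_ipad = bytes(a ^ b for a, b in zip(key, ipad))
    inner = hashlib.new(hash_name, k_ipad + msg).digest()

    # Steps 4-6: outer hash H((K xor opad) || inner); its output is the tag
    k_opad = bytes(a ^ b for a, b in zip(key, opad))
    tag = hashlib.new(hash_name, k_opad + inner).digest()

    return {
        "padded_key": key.hex(),
        "k_xor_ipad": k_ipad.hex(),
        "inner": inner.hex(),
        "k_xor_opad": k_opad.hex(),
        "tag": tag.hex(),
    }


def hmac_reference(key: bytes, msg: bytes, hash_name: str = "sha256") -> str:
    """Standard-library HMAC, used as the oracle the manual version must match."""
    return hmac.new(key, msg, hash_name).hexdigest()


def verify_tag(key: bytes, msg: bytes, tag_hex: str, hash_name: str = "sha256") -> bool:
    """Verify a received tag with a constant-time comparison, so the time taken
    does not reveal how many leading bytes of a guessed tag were correct."""
    return hmac.compare_digest(hmac_reference(key, msg, hash_name), tag_hex)


if __name__ == "__main__":
    steps = hmac_manual(b"key123", b"Data")
    for name, value in steps.items():
        print(f"{name:12s} {value}")
    print("matches hmac module:", steps["tag"] == hmac_reference(b"key123", b"Data"))
```

The key-length branch matters in practice: a key longer than the block size is replaced by its hash, so with SHA-256 a 100-byte key and its 32-byte digest produce the same tags, and a verifier that uses plain `==` instead of `compare_digest` turns tag checking into a timing oracle.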

Key Security Benefits

• The key is mixed into both hash invocations through the ipad and opad constants, never concatenated bare with the message
• The tag cannot be inverted to recover K, and K is never transmitted
• Security rests on the compression function behaving as a pseudorandom function, a weaker requirement than collision resistance, so HMAC has held up even over hashes with known collision attacks (HMAC-MD5 is still unbroken in practice, but should not be chosen for new systems)

Practical Applications

• API request signing and authentication (HMAC-SHA256)
• JWT signing with the shared-secret HS256/HS384/HS512 algorithms
• TLS: record authentication in TLS 1.2 MAC-then-encrypt cipher suites and the HMAC-based PRF/HKDF key derivation in TLS 1.2 and 1.3
• Keyed file integrity verification (a plain checksum can simply be recomputed by whoever modified the file)