
Hash-Based Message Authentication Code (HMAC)

HMAC (Hash-Based Message Authentication Code) is a mechanism that combines a cryptographic hash function with a secret key to produce a message authentication code, ensuring both data integrity and authenticity.

HMAC was designed to address weaknesses in earlier MAC constructions by providing a provably secure way to authenticate messages. It works by taking a secret key and a message as inputs, then running them through a hash function (such as SHA-256 or SHA-3) in a specific two-pass construction that makes it resistant to length extension attacks and other known vulnerabilities.

The HMAC process involves XORing the secret key with two different padding constants (ipad and opad), then performing two nested hash operations. This construction ensures that even if the underlying hash function has certain weaknesses, the HMAC remains secure as long as the hash function is collision-resistant. The resulting code is a fixed-length value that can be sent alongside the message.

HMAC is extensively used in security protocols and applications. In TLS, it verifies the integrity of handshake messages and application data. In API authentication, HMAC signatures validate that requests have not been tampered with and originate from authorized clients. JWTs (JSON Web Tokens) often use HMAC-SHA256 for token signing. When implementing HMAC, it is crucial to use a sufficiently long random key and to perform constant-time comparison of MAC values to prevent timing side-channel attacks.
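The two-pass construction and the constant-time check described above, as an added example that is not code from the original page. It writes out HMAC-SHA256 with the RFC 2104 pad constants so the structure is visible; the function names and the sample key and request are constructed for illustration.

```python
import hashlib
import hmac
import secrets

BLOCK_SIZE = 64  # SHA-256 processes input in 64-byte blocks


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 written out as the two nested hashes (RFC 2104)."""
    # A key longer than one block is hashed first; the result is zero-padded to a block.
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")
    ipad_key = bytes(b ^ 0x36 for b in key)  # key XOR inner pad constant
    opad_key = bytes(b ^ 0x5C for b in key)  # key XOR outer pad constant
    inner = hashlib.sha256(ipad_key + message).digest()  # first pass
    return hashlib.sha256(opad_key + inner).digest()     # second pass


def sign(key: bytes, message: bytes) -> str:
    """Return the tag as hex, ready to send alongside the message."""
    return hmac_sha256(key, message).hex()


def verify(key: bytes, message: bytes, tag_hex: str) -> bool:
    """Recompute the tag and compare it in constant time."""
    try:
        received = bytes.fromhex(tag_hex)
    except ValueError:
        return False  # malformed tag: reject without comparing
    # compare_digest does not stop at the first differing byte, unlike ==.
    return hmac.compare_digest(hmac_sha256(key, message), received)


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed sample key: 256 random bits
    request = b'POST /v1/transfers\n{"amount": 100}'  # constructed sample request
    tag = sign(key, request)
    # The hand-written construction agrees with the standard library.
    assert tag == hmac.new(key, request, hashlib.sha256).hexdigest()
    print("valid request:   ", verify(key, request, tag))
    print("tampered request:", verify(key, request.replace(b"100", b"900"), tag))
    print("wrong key:       ", verify(secrets.token_bytes(32), request, tag))
```

In application code, call `hmac.new(key, message, hashlib.sha256)` from the standard library instead of the hand-written function, and keep the `hmac.compare_digest` comparison.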
