nettle: Keyed hash functions

6.5 Keyed Hash Functions
========================

A “keyed hash function”, or “Message Authentication Code” (MAC), is a
function that takes a key and a message, and produces a fixed size MAC.
It should be hard to compute a message and a matching MAC without
knowledge of the key.  It should also be hard to compute the key given
only messages and corresponding MACs.

   Keyed hash functions are useful primarily for message authentication,
when Alice and Bob share a secret: The sender, Alice, computes the MAC
and attaches it to the message.  The receiver, Bob, also computes the
MAC of the message, using the same key, and compares that to Alice’s
value.  If they match, Bob can be assured that the message has not been
modified on its way from Alice.

   However, unlike digital signatures, this assurance is not
transferable.  Bob can’t show the message and the MAC to a third party
and prove that Alice sent that message.  Not even if he gives away the
key to the third party.  The reason is that the _same_ key is used on
both sides, and anyone knowing the key can create a correct MAC for any
message.  If Bob believes that only he and Alice know the key, and he
knows that he didn’t attach a MAC to a particular message, he knows it
must be Alice who did it.  However, the third party can’t distinguish
between a MAC created by Alice and one created by Bob.

   Keyed hash functions are typically a lot faster than digital
signatures as well.
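
   The exchange described above, as an added example that is not part of
the Nettle manual and does not use Nettle's API: it assumes HMAC-SHA256
from Python's standard library as the keyed hash, and the key and
messages are constructed.  It covers Bob's check, a modified message, a
tag made without the key, and a tag made by Bob himself.

```python
import hashlib
import hmac
import secrets


def mac(key: bytes, message: bytes) -> bytes:
    """Keyed hash of message under key; HMAC-SHA256 gives a fixed 32-byte MAC."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver's check: recompute the MAC and compare without leaking timing."""
    return hmac.compare_digest(mac(key, message), tag)


def demo() -> dict:
    key = secrets.token_bytes(32)          # constructed secret shared by Alice and Bob
    message = b"transfer 10 to carol"      # constructed sample message

    # Alice computes the MAC and attaches it to the message.
    alice_tag = mac(key, message)

    # Bob recomputes the MAC with the same key and compares.
    accepted = verify(key, message, alice_tag)

    # A message modified on its way no longer matches the attached MAC.
    modified_accepted = verify(key, b"transfer 99 to carol", alice_tag)

    # A tag computed under a different key does not verify under the shared key.
    outsider_tag = mac(secrets.token_bytes(32), message)
    outsider_accepted = verify(key, message, outsider_tag)

    # Non-transferability: Bob holds the same key, so he can produce a valid
    # MAC for a message Alice never sent. A third party who is handed the key
    # sees it verify exactly like Alice's tag and cannot tell who made it.
    bob_message = b"alice owes bob 1000"
    bob_tag = mac(key, bob_message)
    bob_tag_verifies = verify(key, bob_message, bob_tag)

    return {
        "tag_length": len(alice_tag),
        "accepted": accepted,
        "modified_accepted": modified_accepted,
        "outsider_accepted": outsider_accepted,
        "bob_tag_verifies": bob_tag_verifies,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```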