Trusted answers to developer questions
Trusted Answers to Developer Questions

Related Tags

cryptography

What are keyed cryptographic hash functions?

Muhammad Zubair

Grokking Modern System Design Interview for Engineers & Managers

Ace your System Design Interview and take your career to the next level. Learn to handle the design of applications like Netflix, Quora, Facebook, Uber, and many more in a 45-min interview. Learn the RESHADED framework for architecting web-scale applications by determining requirements, constraints, and assumptions before diving into a step-by-step design process.

Overview

The keyed cryptographic hash function is also known as the Hash Message Authentication Code HMAC. It is used in conjunction with a cryptographic key to maintain the data’s authenticity and integrity as it is transferred over a network from the sender to the receiver.

How does it work?

The process of sending data using a keyed cryptographic hash function

Steps performed by the sender

  1. The Data.txt and a secret symmetric keyA key that is shared by the sender and the receiver are passed into the HMAC function.
  2. The Data.txt is hashed and ciphered using the key, generating a MAC value. This MAC value is sent to the receiver and the unencrypted Data.txt file.

Steps performed by the receiver

  1. The Data.txt and a secret symmetric key are passed into the HMAC function.
  2. The Data.txt is hashed and ciphered using the key, generating a MAC value. This MAC value is sent to be checked with the MAC value received from the sender; if they both match, then the data has not been tampered with.

Pros

  • Authenticity: The receiver is confident about the identity of the sender.
  • Data integrity: During the data transmission, it is ensured that the data is not tampered with and its integrity is maintained. This is achieved by generating a MAC value at the receiver end to ensure that MAC values remain the same during transmission. This, in turn, ensures data integrity.
  • Easier to compute: HMACs are used in conjunction with a secret symmetric key, which is relatively easier to encrypt than public-private keys used in a digital signatureIt used by the sender to sign a message as it sent over the network , this helps to maintain integrity and authenticity of the data using public-private key..

Cons

  • Non-repudiation: If the data is forwarded to a third party, it is impossible to prove who is the actual data sender as anyone with a key can generate and send the message. Secondly, if there is a dispute between the key-holders as to who is the sender of the data, it is again impossible to prove who generated the data.

RELATED TAGS

cryptography

CONTRIBUTOR

Muhammad Zubair
Copyright ©2022 Educative, Inc. All rights reserved

Grokking Modern System Design Interview for Engineers & Managers

Ace your System Design Interview and take your career to the next level. Learn to handle the design of applications like Netflix, Quora, Facebook, Uber, and many more in a 45-min interview. Learn the RESHADED framework for architecting web-scale applications by determining requirements, constraints, and assumptions before diving into a step-by-step design process.

Keep Exploring