Message Authentication Codes MAC
Overview
The message authentication code (MAC) is generated from an associated message as a method for assuring the integrity of the message and the authenticity of the source of the message. A secret key to the generation algorithm must be established between the originator of the message and its intended receiver(s).
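The originator and receiver roles described above, shown with HMAC-SHA-256 (HMAC is one of the approved algorithms listed on this page). This is an added example, not code from NIST; the function names, key and message are constructed for illustration, and the 0x36/0x5C pad bytes are the ipad/opad constants of the FIPS 198-1 construction.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 processes input in 64-byte blocks


def hmac_sha256_manual(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA-256 assembled from the hash function (FIPS 198-1 construction)."""
    if len(key) > BLOCK_SIZE:               # keys longer than a block are hashed first
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")    # then zero-padded to exactly one block
    inner = hashlib.sha256(bytes(b ^ 0x36 for b in key) + message).digest()
    return hashlib.sha256(bytes(b ^ 0x5C for b in key) + inner).digest()


def generate_tag(key: bytes, message: bytes) -> bytes:
    """Originator side: compute the tag sent alongside the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    return hmac.compare_digest(generate_tag(key, message), tag)


# Constructed sample values, not taken from any NIST document.
SHARED_KEY = bytes(range(32))
MESSAGE = b"transfer 100 to account 42"


def demo() -> dict:
    tag = generate_tag(SHARED_KEY, MESSAGE)
    return {
        "manual_equals_library": hmac_sha256_manual(SHARED_KEY, MESSAGE) == tag,
        "genuine": verify_tag(SHARED_KEY, MESSAGE, tag),
        "tampered_message": verify_tag(SHARED_KEY, b"transfer 900 to account 42", tag),
        "wrong_key": verify_tag(bytes(32), MESSAGE, tag),
        "truncated_tag": verify_tag(SHARED_KEY, MESSAGE, tag[:16]),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

Only the unmodified message under the shared key verifies; a changed message, a different key, or a tag of the wrong length is rejected.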
Approved Algorithms
Currently, there are three approved* general-purpose MAC algorithms: HMAC, KMAC, and CMAC.
- Keyed-Hash Message Authentication Code (HMAC)
  - The initial public draft of NIST SP 800-224, Keyed-Hash Message Authentication Code (HMAC): Specification of HMAC and Recommendations for Message Authentication, was released for public comment on June 28, 2024, and the comment period closed September 6, 2024. This publication was proposed by the NIST Crypto Publication Review Board based on the reviews of FIPS 198-1 and SP 800-107r1 in 2022. The final version of SP 800-224 is expected to be published concurrently with the withdrawal of FIPS 198-1.
  - FIPS 198-1, The Keyed-Hash Message Authentication Code (HMAC) (July 2008), specifies a mechanism for message authentication using an approved hash function. The approved hash functions are specified in FIPS 180-4, Secure Hash Standard, and FIPS 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. Specific guidelines in connection with HMAC's security properties are provided in NIST SP 800-107 Revision 1, Recommendation for Applications Using Approved Hash Algorithms.
- KECCAK Message Authentication Code (KMAC)
  - KMAC is specified in NIST SP 800-185, SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash and ParallelHash (December 2016). KMAC is a keyed hash function based on KECCAK, which is specified in FIPS 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. There are two variants of KECCAK, KMAC128 and KMAC256.
- CMAC Mode for Authentication
  - CMAC is specified in NIST SP 800-38B, Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication (May 2005). The CMAC mode is constructed from an approved block cipher (e.g., AES, as specified in FIPS 197, The Advanced Encryption Standard).
Notes
- The CCM and GCM algorithms for authenticated encryption—each constructed from an approved block cipher—can be specialized to MAC algorithms if no data is to be encrypted. In the case of GCM, this specialization has a separate name, GMAC.
- An earlier FIPS—FIPS 113, Computer Data Authentication—specified a Message Authentication Code; it was withdrawn in September 2008.
Testing HMAC, CMAC and GMAC Implementations
Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).
Implementation-related References
Contacts
Quynh Dang
Group
Cryptographic Technology
Topics
Security and Privacy: message authentication