Home › B.Tech Cyber Security › cybersecurity › Cryptography › An HMAC (Hash-based Message Authentication Code)…
An HMAC (Hash-based Message Authentication Code) provides
Aconfidentiality only
Bintegrity AND authenticity of a message via a shared secret key
Cnon-repudiation (like a digital signature)
Dcompression of large messages
Answer & Solution
Correct answer: B. integrity AND authenticity of a message via a shared secret key
1. HMAC = HMAC(key, message) — uses a hash function (SHA-256, SHA-3) keyed with a shared secret.
2. PROVIDES:
• INTEGRITY: any change to the message changes the HMAC.
• AUTHENTICITY: only someone with the shared key could have produced the HMAC.
3. DOES NOT PROVIDE:
• Confidentiality (the message itself is not encrypted)
• Non-repudiation (both parties have the key, so either could have produced it)
4. USE CASES: API request signing (AWS SigV4), JWT signing (HS256), message authentication in protocols.
5. Digital signatures (option C) need ASYMMETRIC crypto for non-repudiation.
_Source: Boneh & Shoup, §6 (MACs and HMAC) + RFC 2104._
Related questions
RSA encryption with PKCS#1 v1.5 padding is now consideredA SALT in password hashing isFORWARD SECRECY in TLS meansA CERTIFICATE AUTHORITY (CA) in PKI does what?TLS (Transport Layer Security) uses a HYBRID encryption scheme. Why?Which block cipher mode is INSECURE and should NEVER be used because it leaks PATTERNS in Which hash algorithm is considered DEPRECATED / WEAK and should NOT be used for new applicDIFFIE-HELLMAN key exchange allows two parties to