a keyed-hash message authentication code (HMAC) is a
specific construction for calculating amessage
authentication code (MAC)involving
a cryptographic hash function in combination with a
secret cryptographic key.
with any MAC, it may be used to simultaneously verify both the data
integrityand the authentication of amessage.
cryptographic hash function, such as MD5 or SHA-1,may be used in the calculation of an
HMAC; the resulting MAC algorithm is termed HMAC-MD5 or HMAC-SHA1 accordingly.
cryptographic strength of the HMAC depends upon the cryptographic
strength of the underlying hash function, the size of its hash output,
and on the size and quality of the key.
iterative hash function breaks up a message into blocks of a fixed size and
iterates over them with a compression function.
example, MD5 and SHA-1 operate on 512-bit blocks. The size of the output of
HMAC is the same as that of the underlying hash function (128 or 160 bits in
the case of MD5 or SHA-1, respectively), although it can be truncated if
and HMAC-MD5 are used within the IPsec and TLS protocols.
generating algorithm on Client and Server side