TabletWise.com
 

HMAC

3 minutes
Share the link to this page
Copied
  Completed
You need to purchase the class to view this lesson.
One-time Purchase
$99.99
List Price:  $139.99
You save:  $40
د.إ367.26
List Price:  د.إ514.18
You save:  د.إ146.92
A$130.08
List Price:  A$182.11
You save:  A$52.03
৳8,500.57
List Price:  ৳11,901.15
You save:  ৳3,400.57
CA$127.03
List Price:  CA$177.84
You save:  CA$50.81
CHF 89.14
List Price:  CHF 124.80
You save:  CHF 35.66
kr615.70
List Price:  kr862.01
You save:  kr246.30
€82.77
List Price:  €115.89
You save:  €33.11
£73.58
List Price:  £103.02
You save:  £29.43
HK$775.28
List Price:  HK$1,085.42
You save:  HK$310.14
₹7,315.51
List Price:  ₹10,242.01
You save:  ₹2,926.50
RM403.60
List Price:  RM565.06
You save:  RM161.46
₦39,615.21
List Price:  ₦55,462.88
You save:  ₦15,847.67
kr856.93
List Price:  kr1,199.74
You save:  kr342.80
NZ$139.91
List Price:  NZ$195.88
You save:  NZ$55.97
₱4,804.60
List Price:  ₱6,726.63
You save:  ₱1,922.03
₨16,112
List Price:  ₨22,557.45
You save:  ₨6,445.44
S$132.98
List Price:  S$186.18
You save:  S$53.20
฿3,008.35
List Price:  ฿4,211.81
You save:  ฿1,203.46
₺747.45
List Price:  ₺1,046.46
You save:  ₺299.01
B$529.28
List Price:  B$741.01
You save:  B$211.73
R1,522.60
List Price:  R2,131.70
You save:  R609.10
Лв162.07
List Price:  Лв226.90
You save:  Лв64.83
₩110,414.95
List Price:  ₩154,585.35
You save:  ₩44,170.40
₪328.82
List Price:  ₪460.36
You save:  ₪131.54
Already have an account? Log In

Transcript

Hashes are powerful, powerful tools. In fact, they're so powerful that they're used in one very, very unique place known as a hash based message authentication code, better known as an H Mac. Now to understand why an H Mac exists, let's consider a scenario. I've got two computers. Now these computers have already gone through an encryption process, and they're doing symmetric encryption back and forth. So they're sharing the same key.

The problem we have is that it is potentially possible that a bad guy could get in the middle of this and mess up our communication. In essence, if we've got Alice and Bob sending data back and forth, they have the same key because they've gone through some authentication process. How do we know that they're still the same people they claim to be? And that's where h max come into play. The idea of an H Mac is to take one individual packet, and then add some information to the end of that packet. Now, hashing is a trivial thing.

And if we were To take that one packet and hash it, when it gets to the other person, of course, they would be able to say, however that message was when it left, we got it in the same way by comparing hashes. But an H Mac does something a little bit different. What an H max going to do is generate a hash, but not just a hash of the message, whatever is in there, but it will actually use the key. So if Alice wants to generate an H Mac, what she'll do is she'll take that packet, she'll then go ahead and incorporate the key and then generate a hash. Now there's a big difference here, in terms of just taking a message adding a key to the end and making a hash like that. h max actually use a much more complicated bit of math to make all this happen.

And they have to because if they simply took the hash and added the key, bad guys could crack that over time. So h Mac is complicated, but powerful and also very, very quick and it is a great way to have more confidence that that path It is coming from that person, because the only way you're going to be able to run the hash is that if you also have that key, so that is a great aspect of H Mac. In fact, I've got some h Mac that we can actually do online. Let me show you an example right here. So to give you an example, this is a wonderful little website called free format or calm. Thanks, guys for letting me borrow this.

Anyway, this is their h MC generator slash tester tool. So what we can do here is we can type in some value, whatever we want to type in here, this could be whatever is in our particular message. But now we need to add some kind of secret key because h max don't work by themselves. So we'll type in some kind of secret key. And then we can generate a hash based on h Mac protocols from a whole bunch of different ways to do this. So we're going to stick with something pretty common.

Let's just do an old school MD five and compute this. And you can see that I have now generated An h max value based on that message and that key. So that's really the power of H max more than anything else. If I use h Max, I have some way to be able to say the only way that I could get this message in the form that it is, is if somebody else has my key h Mac. It's not a perfect tool, but it gets us a lot closer to good security.

Sign Up

Share

Share with friends, get 20% off
Invite your friends to TabletWise learning marketplace. For each purchase they make, you get 20% off (upto $10) on your next purchase.