Can I use a 128-bit key in HMAC-SHA256?

The Facebook app secret is a string of 32 characters (0-9, a-f) and therefore is a 128-bit byte array. Facebook uses this as a key to generate a signed request using HMAC-SHA256. Is this correct? I thought HMAC-SHA256 should use 256-bit keys.

+4
2 answers

The page says that the 256-bit signature is obtained from the payload (which is signed by Facebook) + a 128-bit salt.

So that sounds like the right use.

The 16-byte (32-character) secret is not really a key in the sense of one used for encryption and decryption. Rather, it is a bit of data (a salt) that is used to change the result of the digital signature by changing the input a little bit, so that only someone who knew the exact secret and the exact payload could create the signature.

+5

HMAC takes HASH(key) and uses it as the key if the key is longer than the internal block size of the hash. Thus, a key that exceeds the internal block size of the hash does not provide better security than one of equal size. Shorter keys are zero-padded to the internal block size of the hash, in accordance with the HMAC specification.

You cannot use a 128-bit key with HMAC-SHA-256. If you mean 128 bits padded to 512 bits with zeros, then this is probably suitable for short-term authentication. I would recommend at least 256 bits, and ideally you would want to use something equal to the internal block size of the underlying hash.

+7
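
The key handling described in the answer above, written out as an added example (not code from the original thread): HMAC-SHA256 implemented from the RFC 2104 definition and checked against Python's standard `hmac` module. The key and message values are constructed for illustration.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # internal block size of SHA-256 in bytes (512 bits)


def prepare_key(key: bytes) -> bytes:
    """RFC 2104 key preparation: hash over-long keys, then zero-pad to one block."""
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()
    return key.ljust(BLOCK_SIZE, b"\x00")


def hmac_sha256(key: bytes, msg: bytes) -> bytes:
    """HMAC(K, m) = H((K' xor opad) || H((K' xor ipad) || m))."""
    k = prepare_key(key)
    ipad = bytes(b ^ 0x36 for b in k)
    opad = bytes(b ^ 0x5C for b in k)
    inner = hashlib.sha256(ipad + msg).digest()
    return hashlib.sha256(opad + inner).digest()


def check_key_handling() -> dict:
    msg = b'{"algorithm":"HMAC-SHA256","user_id":"constructed"}'  # constructed payload
    short_key = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed 128-bit key
    long_key = bytes(range(100))  # constructed key longer than one block

    def stdlib(key: bytes) -> bytes:
        return hmac.new(key, msg, hashlib.sha256).digest()

    tag = hmac_sha256(short_key, msg)
    return {
        # A 128-bit key is accepted and gives the same tag as the library.
        "short_matches_stdlib": hmac.compare_digest(tag, stdlib(short_key)),
        "long_matches_stdlib": hmac.compare_digest(hmac_sha256(long_key, msg), stdlib(long_key)),
        # Zero-padding: the short key and the same key followed by 48 zero bytes are equivalent.
        "short_equals_zero_padded": tag == stdlib(short_key + b"\x00" * 48),
        # Over-long keys: equivalent to using SHA-256(key) as the key.
        "long_equals_hashed": stdlib(long_key) == stdlib(hashlib.sha256(long_key).digest()),
        "tag_bits": len(tag) * 8,
    }


if __name__ == "__main__":
    for name, value in check_key_handling().items():
        print(f"{name}: {value}")
```

The tag is always 256 bits regardless of key length; the key length only determines how much secret material enters the computation.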