What are the benefits of symmetric cryptography HMAC?

Somehow I do not get HMAC.

I once asked "Why do I need HMAC when we have public key signatures?", and I think I got it. Easier to calculate and so on ...

But I don’t understand why we need HMAC in general, respectively, what problem they solve.

From my understanding, HMACs ...

  • Provide a way to ensure that the message has not been modified,
  • "protected" with a secret but symmetric key.

Therefore, to calculate the HMAC (either initially or for verification) I need to know the secret key.

Now, if I can exchange this key in a secret way without being dropped, I could also exchange the message in the same secret form without being tampered with, couldn't I?

Well, now you can claim that you only need to exchange the key once, but you can have several messages. It's fine.

But if we now have a secret key that should be kept secret by all parties, we could also directly use symmetric encryption using the same secret key to encrypt the message, right?

Of course, the HMAC should provide a solution against unauthorized access, but if I have only an encrypted message without a secret key and a reasonable encryption algorithm, I cannot change this encrypted message in such a way that: a) the decryption still works, and b) a meaningful decrypted message appears.

So why do I need an HMAC? Or - where is my flaw?

+8
encryption hmac
1 answer

You assume that it is not possible to encrypt an encrypted message without knowing the key used for encryption. This is not a dangerous assumption. There are several possibilities, even if you have access to encrypted text:

  • Message Suffix Corruption: This may leak content information using error messages, time, and possibly other methods.
  • Corruption of message ranges for some modes (ECB, CFB, and possibly others): the same as above, but an attacker has more ways to cause the desired behavior.
  • Flipping arbitrary bits in one block (although not knowing their initial value) and damaging the next block (CFB): if some bits are known to an attacker, he can set them to the value he needs.
  • Flipping arbitrary bits in the entire message for stream ciphers or equivalent encryption stream modes for block ciphers: this can avoid corruption altogether.

Thus, it is very important to make sure that the attacker did not intervene in the message before processing even one byte of the decrypted content. Since problems again arise with the use of special verification or simple hashing, there is a need for MAC addresses, an example of which is HMAC.

+11
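
The answer's last bullet (bit flipping under a stream cipher) and its closing point (check the MAC before processing any decrypted byte), shown as an added example that is not part of the original answer. The toy SHA-256 counter-mode keystream, the sample message and all function names are assumptions made for illustration.

```python
import hashlib, hmac, os

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy stream cipher (assumption, illustration only): SHA-256 in counter mode.
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # XOR with the keystream; the same call encrypts and decrypts.
    return xor(data, keystream(key, nonce, len(data)))

def flip(ct: bytes, offset: int, known: bytes, wanted: bytes) -> bytes:
    # Keyless edit: XOR (known ^ wanted) into the ciphertext at `offset`.
    end = offset + len(known)
    return ct[:offset] + xor(ct[offset:end], xor(known, wanted)) + ct[end:]

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC: the tag covers nonce and ciphertext.
    nonce = os.urandom(16)
    ct = crypt(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    # Verify the tag before decrypting a single byte.
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed")
    return crypt(enc_key, nonce, ct)

def demo():
    enc_key, mac_key, nonce = os.urandom(32), os.urandom(32), os.urandom(16)
    msg = b"pay=0100;to=alice"  # constructed sample message
    forged = flip(crypt(enc_key, nonce, msg), 4, b"0100", b"9900")
    without_mac = crypt(enc_key, nonce, forged)  # decrypts cleanly, but altered
    blob = seal(enc_key, mac_key, msg)
    tampered = blob[:16] + flip(blob[16:-32], 4, b"0100", b"9900") + blob[-32:]
    try:
        unseal(enc_key, mac_key, tampered)
    except ValueError:
        return without_mac, True   # same edit is rejected once a MAC is checked
    return without_mac, False
```

Calling `demo()` returns the plaintext that the encryption-only receiver accepts after the edit, and whether the MAC-checking receiver rejected the same edit.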