HMAC hash message authentication code

Collection

137

hmac

Edit

HMAC is a key-related hash operation message authentication code, HMAC operation uses a hash algorithm, Take a key and a message as input, and generate a message digest as output.

Chinese name
hash message authentication code
foreign name
Hash-based Message Authentication Code
abbreviated Write
HMAC
Overview
HMAC is Key related hash operation
Operation function
Verify the number of authorizations accepted by TPM

< /dl>

Catalog

  1. 1 Introduction
  2. ? Calculation function
  3. ? Algorithm representation
  1. ? HMAC calculation steps
  2. ? HMAC application
  3. 2 Typical applications
  1. ? Certification process
  2. ? Security analysis

< /div>

Introduction

Edit

Operation function

(1) Verify TPM Accepted authorization data and authentication data;
(2) Confirm that the command request received by the TPM is an authorized request, and that the command has not been changed during transmission.
The definition of HMAC requires a hash function for encryption (represented as H, which can be MD5 or SHA-1) and a key K. We use B to represent the number of bytes in the data block. (The segmented data block of the hash function mentioned above has a word length of B=64), and L is used to represent the number of output data bytes of the hash function (L=16 in MD5, L=20 in SHA-1). The length of the authentication key can be any positive integer value less than or equal to the word length of the data block. If the key length used in the application is larger than B, first use the hash function H to act on it, and then use the L-length character string output by H as the key actually used in HMAC. In general, the recommended minimum key K length is L bytes.

algorithm representation

Algorithm formula: HMAC(K,M)=H(K⊕opad∣H(K⊕ipad∣M)) [1]
H represents the HASH algorithm used (such as SHA-256)
K represents the authentication password
Ko represents the cipher text of the HASH algorithm
M represents a message input

< div class="para"> B represents the size of the block processed in H. This size is the size of the processed block, not the size of the output hash.

For example, SHA-1 and SHA- 256 B = 64
SHA-384 and SHA-512 B = 128
L represents the size of the hash
Opad repeats B times with 0x5c
Ipad repeats B times with 0x36
Apad repeats with 0x878FE1F3 (L/4) Times

HMAC operation steps

< /div>

First-Hash = H(Ko XOR Ipad || (data to auth))
Second-Hash = H(Ko X OR Opad || First-Hash)
(1) Add 0 after the key K to create a string of word length B. (For example, if the word length of K is 20 bytes and B=64 bytes, then 44 zero bytes 0x00 will be added after K)
(2) Will be generated in the previous step The B-length character string is XORed with ipad.
(3) Fill the data stream text into the result string of the second step.
(4) Use H to act on the data stream generated in the third step.
(5) XOR the B-length character string generated in the first step with opad.
(6) Then fill the result of the fourth step into the result of the fifth step.
(7) Use H to act on the data stream generated in the sixth step to output the final result

HMAC application

hmac is mainly used in identity verification, and its The usage method is as follows:
(1) The client sends a login request (assuming it is a GET request from the browser)
(2) The server returns a random value and records this random value in the session
(3) The client uses the random value as a key, and the user password performs hmac operation, and then submits it to the server< /div>

(4) The server reads the user password in the user database and the random value sent in step 2 to do the same hmac operation as the client, and then compares it with the result sent by the user. If the result is If they are consistent, verify that the user is legal.
In this process, the random value sent by the server and the hmac result sent by the user may be attacked. For those who have intercepted these two values For hackers, these two values ​​are meaningless, and there is no possibility of obtaining user passwords. The introduction of random values ​​makes hmac only valid in the current session, which greatly enhances security and practicability. Most languages ​​have implemented the hmac algorithm, such as php’s mhash, python’s hmac.py, and java’s MessageDigest class. It is also feasible to use hmac in web authentication, and the speed of md5 operations with js is also relatively fast.

Typical applications

Edit

A typical application of HMAC is used in “question/response” ( Challenge/Response) Identity authentication.

Certification process

(1) First, the client sends a verification request to the server.
(2) After receiving this request, the server generates a random number and transmits it to the client through the network (this is a questioning).
(3) The client provides the received random number to ePass, and ePass uses the random number and the key stored in ePass to perform HMAC-MD5 operation and obtain a result Pass it to the server as authentication evidence (this is a response).
(4) At the same time, the server also uses the random number and the client key stored in the server database to perform HMAC-MD5 calculations. If the server’s calculation result matches the client’s If the returned response results are the same, the client is considered to be a legitimate user

Security analysis

From the above introduction, we can see that the HMAC algorithm is more like an encryption algorithm. The security of the key is not completely dependent on the HASH algorithm used. The security is mainly guaranteed by the following points:
(1) The key used is agreed by both parties in advance. It is impossible for a third party to know. From the application process introduced in 3.2, it can be seen that as a third party who illegally intercepts information, the only information that can be obtained is the random number as the “challenge” and the HMAC result as the “response”, and the key cannot be calculated based on these two data. Since the key is not known, a consistent response cannot be faked.

Collection

137

Collection

HMAC is the key Related hash operation message authentication code, HMAC operation uses a hash algorithm, takes a key and a message as input, and generates a message digest as output.

HMAC is a key-related hash operation message authentication code. HMAC operation uses a hash algorithm, takes a key and a message as input, and generates a message digest as output.

Chinese name
Hash message authentication code
foreign name
Hash-based Message Authentication Code
Write down
HMAC

Overview
HMAC is a key-related hash operation
Operation function
Verify the number of authorizations accepted by TPM

Catalog

  1. 1​< span class="text">Introduction
  2. ? Calculation function
  3. ? Algorithm representation
  1. ? HMAC calculation steps< /span>
  2. ? HMAC application
  3. 2 Typical applications
  1. ? Certification process
  2. ? Security analysis

Catalog

  1. 1 Introduction
  2. ? Calculation function
  3. ? Algorithm representation
  1. ? HMAC calculation steps
  2. ? HMAC application
  3. 2 typical Application
  1. ? Certification process
  2. ? Security analysis

  1. 1 Introduction span>
  2. ? Calculation function
  3. ? Algorithm representation
  1. < span class="index">? HMAC calculation steps
  2. ? HMAC application
  3. 2 Typical application span>
  1. ? Certification process span>
  2. ? Security analysis

Introduction

Edit

Calculation function

(1) Verify the authorization data and authentication data accepted by the TPM;

(2) Confirm that the command request received by the TPM has been Authorized request, and the command has not been changed during transmission.

Define HMAC requires an encryption hash function (represented as H, which can be MD5 or SHA-1) and a key K. We use B to represent the number of bytes in the data block. (The segmented data block of the hash function mentioned above has a word length of B=64), and L is used to represent the number of output data bytes of the hash function (L=16 in MD5, L=20 in SHA-1). The length of the authentication key can be any positive integer value less than or equal to the word length of the data block. If the key length used in the application is larger than B, first use the hash function H to act on it, and then use the L-length character string output by H as the key actually used in HMAC. In general, the recommended minimum key K length is L bytes.

Algorithm expression

Algorithm formula: HMAC(K,M)=H(K ⊕opad∣H(K⊕ipad∣M)) [1]

H represents the HASH algorithm used (such as SHA-256)

K represents the authentication password

Ko represents the cipher text of the HASH algorithm

M represents A message input

B represents the block size processed in H. This size is the processed block size, not the output hash size.

For example, SHA-1 and SHA-256 B = 64

SHA-384 and SHA-512 B = 128

L represents the size of the hash

Opad repeats B times with 0x5c

Ipad repeats B times with 0x36

Apad repeats (L/4) times with 0x878FE1F3

HMAC operation Step

First-Hash = H(Ko XOR Ipad || (data to auth))

Second-Hash = H(Ko XOR Opad || First-Hash )

(1) Add 0 after the key K to create a string of word length B. (For example, if the word length of K is 20 bytes and B=64 bytes, 44 zero bytes 0x00 will be added after K)

(2) Change the word length of B generated in the previous step XOR operation between string and ipad.

(3) Fill the data stream text into the result string of the second step.

(4) Use H to act on the data stream generated in the third step.

(5) XOR the B-length character string generated in the first step with opad.

(6) Then fill the result of the fourth step into the result of the fifth step.

(7) Use H to act on the data stream generated in the sixth step to output the final result

HMAC The application of hmac

hmac is mainly used in authentication, and its use is as follows:

(1) The client sends a login request (assuming it is a browser GET request)

(2) The server returns a random value and records this random value in the session

(3) The client uses the random value as the key and the user password Hmac operation, and then submitted to the server

(4) The server reads the user password in the user database and the random value sent in step 2 to do the same hmac operation as the client, and then compares with the result sent by the user , If the results are consistent, verify that the user is legal

In this process, the random value sent by the server and the hmac result sent by the user may be attacked. For hackers who intercepted these two values, These two values ​​are meaningless, and there is no possibility of obtaining user passwords. The introduction of random values ​​makes hmac only valid in the current session, which greatly enhances security and practicability. Most languages ​​have implemented the hmac algorithm, such as php’s mhash, python’s hmac.py, and java’s MessageDigest class. It is also feasible to use hmac in web authentication, and the speed of md5 operations with js is also relatively fast.

Typical applications

Edit

A typical application of HMAC is used in “Challenge/Response” (Challenge/Response) authentication.

Authentication process

(1) First, the client sends a verification request to the server .

(2) After receiving this request, the server generates a random number and transmits it to the client via the network (this is a questioning).

(3) The client provides the received random number to ePass, and ePass uses the random number to perform HMAC-MD5 operation with the key stored in ePass and obtains a result as authentication evidence. Server (this is a response).

(4) At the same time, the server also uses the random number and the client key stored in the server database to perform HMAC-MD5 calculations. If the calculation result of the server matches the response result returned by the client The same, the client is considered to be a legitimate user

security analysis

From the above introduction, we can see that the HMAC algorithm is more like an encryption algorithm. It introduces a key, and its security does not completely depend on the HASH algorithm used. The security is mainly guaranteed by the following points:

(1) The key used is agreed by both parties in advance, and it is impossible for a third party to know it. From the application process introduced in 3.2, it can be seen that as a third party who illegally intercepts information, the only information that can be obtained is the random number as a “challenge” and the HMAC result as a “response”, and the key cannot be calculated based on these two data. Since the key is not known, a consistent response cannot be faked.

WordPress database error: [Table 'yf99682.wp_s6mz6tyggq_comments' doesn't exist]
SELECT SQL_CALC_FOUND_ROWS wp_s6mz6tyggq_comments.comment_ID FROM wp_s6mz6tyggq_comments WHERE ( comment_approved = '1' ) AND comment_post_ID = 1131 ORDER BY wp_s6mz6tyggq_comments.comment_date_gmt ASC, wp_s6mz6tyggq_comments.comment_ID ASC

Leave a Comment

Your email address will not be published.