FIPS PUB 198
The Keyed-Hash Message Authentication Code (HMAC)
|Publication Date:||6 March 2002|
This standard describes a keyed-hash message authentication code (HMAC), a mechanism for message authentication using cryptographic hash functions. HMAC can be used with any iterative Approved cryptographic hash function, in combination with a shared secret key. The cryptographic strength of HMAC depends on the properties of the underlying hash function. The HMAC specification in this standard is a generalization of Internet RFC 2104, HMAC, Keyed-Hashing for Message Authentication, and ANSI X9.71, Keyed Hash Message Authentication Code.
This standard is applicable to all Federal departments and agencies for the protection of sensitive unclassified information that is not subject to section 2315 of Title 10, United States Code, or section 3502(2) of Title 44, United States Code. This standard shall be used in designing, acquiring and implementing keyed-hash message authentication techniques in systems that Federal departments and agencies operate or which are operated for them under contract. The adoption and use of this standard is available on a voluntary basis to private and commercial organizations.