The message authentication code (MAC) is generated from an associated message as a method for assuring the integrity of the message and the authenticity of the source of the message. A secret key to the generation algorithm must be established between the originator of the message and its intended receiver(s).
Currently, there are three (3) approved* general-purpose MAC algorithms: HMAC, KMAC and CMAC.
NIST SP 800-224, Keyed-Hash Message Authentication Code (HMAC): Specification of HMAC and Recommendations for Message Authentication (Initial Public Draft) was released for public comment on June 28, 2024. This publication was proposed by the NIST Crypto Publication Review Board based on the reviews of FIPS 198-1 and SP 800-107r1 in 2022. The final version of SP 800-224 is expected to be published concurrently with the withdrawal of FIPS 198-1.
Comment Period Closed: September 6, 2024
FIPS 198-1, The Keyed-Hash Message Authentication Code (HMAC) (July 2008), specifies a mechanism for message authentication using an approved hash function. The approved hash functions are specified in FIPS 180-4, Secure Hash Standard and FIPS 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. Specific guidelines in connection with HMAC's security properties are provided in NIST SP 800-107 Revision 1, Recommendation for Applications Using Approved Hash Algorithms.
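The HMAC construction written out step by step over a SHA-2 and a SHA-3 hash function, with constant-time tag verification on the receiver side. This is an added example, not code from NIST or from the publications named above; the function names, the key and the messages are constructed for illustration.

```python
import hashlib
import hmac

def hmac_tag(key: bytes, message: bytes, hash_name: str = "sha256") -> bytes:
    """HMAC(K, m) = H((K0 xor opad) || H((K0 xor ipad) || m))."""
    # B is the hash's input block size: 64 bytes for SHA-256, 136 for SHA3-256.
    block_size = hashlib.new(hash_name).block_size
    # K0: a key longer than B is hashed first, then zero-padded on the right to B.
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    k0 = key.ljust(block_size, b"\x00")
    inner_pad = bytes(b ^ 0x36 for b in k0)  # K0 xor ipad
    outer_pad = bytes(b ^ 0x5C for b in k0)  # K0 xor opad
    inner = hashlib.new(hash_name, inner_pad + message).digest()
    return hashlib.new(hash_name, outer_pad + inner).digest()

def verify_tag(key: bytes, message: bytes, tag: bytes,
               hash_name: str = "sha256") -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    expected = hmac_tag(key, message, hash_name)
    return hmac.compare_digest(expected, tag)

def demo() -> dict:
    # Constructed sample values; a real key comes from a CSPRNG or key agreement.
    key = bytes(range(32))
    message = b"transfer 100 to account 42"
    results = {}
    for hash_name in ("sha256", "sha3_256"):
        tag = hmac_tag(key, message, hash_name)
        results[hash_name] = {
            # Untouched message with the shared key: accepted.
            "genuine": verify_tag(key, message, tag, hash_name),
            # Integrity: one changed character invalidates the tag.
            "tampered": verify_tag(key, b"transfer 900 to account 42", tag, hash_name),
            # Authenticity: a party without the shared key cannot verify or forge.
            "wrong_key": verify_tag(b"\x00" * 32, message, tag, hash_name),
            # The hand-written construction agrees with the standard library.
            "matches_stdlib": tag == hmac.new(key, message, hash_name).digest(),
        }
    return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```
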
KMAC is specified in SP 800-185, SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash and ParallelHash (December 2016). KMAC is a keyed hash function based on KECCAK, which is specified in FIPS 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. There are two variants of KECCAK, KMAC128 and KMAC256.
Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).