The Keyed-Hash Message Authentication Code (HMAC)

National Institute of Standards and Technology

doi:https://doi.org/10.6028/NIST.FIPS.198-1

FIPS 198-1

The Keyed-Hash Message Authentication Code (HMAC)

Documentation Topics

Date Published: July 2008

Supersedes: FIPS 198 (03/06/2002)

Planning Note (11/4/2022):

This publication was reviewed by the Crypto Publication Review Board. It will be converted to a new NIST Special Publication, NIST SP 800-224.

FIPS 198-1 will be withdrawn when NIST SP 800-224 is published.

See the announcement of this decision for more details, including ways to monitor the development of NIST SP 800-224.

Author(s)

National Institute of Standards and Technology

Abstract

This Standard describes a keyed-hash message authentication code (HMAC), a mechanism for message authentication using cryptographic hash functions. HMAC can be used with any iterative Approved cryptographic hash function, in combination with a shared secret key.

Keywords

MAC; message authentication; Federal Information Processing Standards (FIPS); computer security; HMAC; cryptography

Control Families

Audit and Accountability; System and Communications Protection; System and Information Integrity

Documentation

Publication:
FIPS 198-1 (DOI)
Local Download

Supplemental Material:
None available

Document History:
07/16/08: FIPS 198-1 (Final)

Topics

Security and Privacy
message authentication

Laws and Regulations
Federal Information Security Modernization Act