HMAC - Keying Hash Functions for Message Authentication
Security Accomplishment | 1996
IBM researcher: Hugo Krawczyk
Where the work was done: IBM T.J. Watson Research Center
What we accomplished: Krawczyk (pictured) proposed new cryptographically strong techniques to ensure that the sender of a message (e.g. over the Internet) is indeed the purported sender.
Related links: Pape: Keying Hash Functions for Message Authentication, from ACM CRYPTO '96 [16th Annual International Cryptology Conference on Advances in Cryptology].
- Paraphrasing the paper: "By the mid 1990s, hash functions such as MD5 or SHA were widely used for message authentication and had become the standard approach for many Internet applications and protocols. The paper presented a new, simple, and practical construction of message authentication schemes based on a cryptographic hash function. The proposed schemes, NMAC and HMAC, are proven to be secure as long as the underlying hash function has some reasonable cryptographic strengths."
Image credit: RSA Conference