...
https://www.juniper.net/documentation/en_US/junos/topics/concept/ipsec-authentication-solutions.html
HMAC: Hash-based Message Authentication Code or Hash-based MACMAC
MAC # signature or cryptographic checksum
...
| HMAC ( Nested MAC(MAC(message) ) | Integrity and Authentication |
|---|---|
| 2 stage Hashing ( XOR ) with 2 different key ( ipad and opad ) | https://www.youtube.com/watch?v=wlSG3pEiQdc&ab_channel=Computerphile inner key / outer key Keys are 510bits ( fixed value, in the standard ) ipad: opad: HMAX(message) = h [ (K"+opad) || ( h(K"+ipad)||x) ] |
Sender ( Data + pre-shared Key ) > hash>> HASH1 send: Data + Hash1 | Receiver: ( Data + preshared key) Data > hash> Hash2 Compare Hash2 wit rx Hash1 |
| Usage of HMAC | |
| IKE Phase 2 (in IPSEC VPN) | |
TLS (old name SSL) for website using HTTPS TLS and replace the good old SSL / Secure Socket Layer control protocol TCP/443 |
