HMAC and MAC Explained: How To Build Secure Authentication With JWTsby@wagslane
4,660 reads
4,660 reads

HMAC and MAC Explained: How To Build Secure Authentication With JWTs

by Lane Wagner3mMay 11th, 2020
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

HMACs and MACs are authentication codes that allow receivers of messages to know who the sender was (authentication) A JWT (when using HMAC as the signing scheme) is basically just an HMAC message where the message data is a JWT object. An HMAC uses two rounds of hashing instead of one (or none) Each round of hashing uses a section of the secret key. We call this a length extension attack. No known extension attacks are known against the current HMAC specification.

Company Mentioned

Mention Thumbnail
featured image - HMAC and MAC Explained: How To Build Secure Authentication With JWTs
Lane Wagner HackerNoon profile picture
Lane Wagner

Lane Wagner

@wagslane

Founder of Boot.dev. Whining about coding sins since 2011. Committing coding sins for the same.

About @wagslane
LEARN MORE ABOUT @WAGSLANE'S
EXPERTISE AND PLACE ON THE INTERNET.

Share Your Thoughts

About Author

Lane Wagner HackerNoon profile picture
Lane Wagner@wagslane
Founder of Boot.dev. Whining about coding sins since 2011. Committing coding sins for the same.

TOPICS

THIS ARTICLE WAS FEATURED IN...

Permanent on Arweave
Read on Terminal Reader
Read this story in a terminal
 Terminal
Read this story w/o Javascript
Read this story w/o Javascript
 Lite
Also published here
L O A D I N G
. . . comments & more!