HMAC and MAC Explained: How To Build Secure Authentication With JWTs

Written by wagslane | Published 2020/05/11
Tech Story Tags: cryptography | programming | security | passwords | tutorial | authentication | hmac | jwt

TLDR HMACs and MACs are authentication codes that allow receivers of messages to know who the sender was (authentication) A JWT (when using HMAC as the signing scheme) is basically just an HMAC message where the message data is a JWT object. An HMAC uses two rounds of hashing instead of one (or none) Each round of hashing uses a section of the secret key. We call this a length extension attack. No known extension attacks are known against the current HMAC specification.via the TL;DR App

no story

Written by wagslane | Founder of Boot.dev. Whining about coding sins since 2011. Committing coding sins for the same.
Published by HackerNoon on 2020/05/11