Photo by Volodymyr Hryshchenko on Unsplash

HMAC in the Cloud

A MAC (Message Authentication Code) is used to sign a message with a shared key. This differs from public key signing which uses a private key to sign and a public key to verify. In the following figure, Bob has a message and creates an HMAC-SHA-256 message authentication code using a shared secret symmetric key. When Alice receives the message, she also generates an HMAC-SHA-256 message authentication code using the same key. If it is the same one that…