Photo by Nerene Grobler on Unsplash

I Know HMAC, But What’s CMAC?

With public-key encryption, we can create a signature where we sign with the private key, and then prove with the public key. Typical methods used are ECDSA and EdDSA. But this is rather heavyweight for signing messages that go back and forth between users. So one method is to use HMAC, and where the users have a shared secret key. This might be pre-arranged and long-term, or could be a short-term session key that they use for just one…

--

--

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store