karolyzz

Reputation: 510

Difference between MACTripleDES and HMAC in .NET cryptography

As the title says, I don't really understand the difference between the two implementations of keyed hash algorithm (or, to be precise, between MACTripleDES and implementations of HMAC).

Both can ComputeHash() and HashCore(). The only differences I see are that in MACTripleDES you can specify which type of hash function you want to use and:

HashCore() of HMAC:

Routes data written to the object into the default HMAC hash algorithm for computing the hash value.

HashCore() of MACTripleDES:

Routes data written to the object into the TripleDES encryptor for computing the Message Authentication Code (MAC)

From what I know about MAC, you digest the message using a keyed hash algorithm to produce the MAC. So in MACTripleDES, you hash the message with some hashing algorithm and then encrypt it using TripleDES to produce the MAC, whereas in HMAC you just use some keyed hash algorithm directly on the original message?

Upvotes: 1

Views: 560

Answers (1)

Sani Huttunen

Reputation: 24385

MACTripleDES doesn't use a hash function to calculate the MAC. It uses TripleDES which is an encryption algorithm.

HMAC is an abstract class meaning you cannot instantiate the class itself. You have to derive from it.

Classes derived from HMAC internally call HashCore. HashCore is overridden to perform a specific hash function for each derived class:

  • MD5 for HMACMD5
  • RIPEMD-160 for HMACRIPEMD160
  • SHA-1 for HMACSHA1
  • SHA-256 for HMACSHA256
  • SHA-384 for HMACSHA384
  • SHA-512 for HMACSHA512

MACTripleDES, derived from KeyedHashAlgorithm, also has a HashCore method but it's not the same method as in HMAC. This HashCore method is defined to specifically use TripleDES to calculate the MAC. Hence you cannot "specify which type of hash function you want to use".

Since TripleDES is not a hash function it should not, and does not, derive from HMAC.

Addendum:

According to the, now withdrawn, FIPS 113 document:

3 GENERATION OF THE DAC

The Data Authentication Algorithm (DAA) makes use of the Data Encryption Standard (DES) cryptographic algorithm specified in FIPS PUB 46. The DES algorithm transforms (or encrypts) 64-bit input vectors to 64-bit output vectors using a cryptographic key. Let D be any 64-bit input vector and assume a key has been selected. The 64-bit vector, O, which is the output of the DES algorithm when DES is applied to D, using the enciphering operation, is represented as follows.

O = e(D)

The data (e.g., record, file, message, or program) to be authenticated is grouped into contiguous 64-bit blocks: D1, D2, ..., Dn. If the number of data bits is not a multiple of 64, then the final input block will be a partial block of data, left justified, with zeroes appended to form a full 64-bit block. The calculation of the DAC is given by the following equations where + represents the Exclusive-OR of two vectors.

O1 = e(D1)
O2 = e(D2 + O1)
O3 = e(D3 + O2)
...
On = e(Dn + On-1)

The DAC is selected from On. Devices which implement the DAA shall be capable of selecting the leftmost M bits of On as the DAC, where 16 < M < 64 and M is a multiple of 8. A block diagram of the DAC generation is given in Appendix 1 and an example is given in Appendix 2. The Cipher Block Chaining Mode (CBC) with Initialization Vector (IV) = 0 and the 64-bit Cipher Feedback Mode with IV = D1 and data equal to D2, D3, ..., Dn (see FIPS PUB 81) both yield the required DAC calculation.

[Block diagram of the DAC generation: each 64-bit data block is XORed with the previous output and encrypted; the DAC is taken from the last output block]

As you can see it's the data (in 64-bit blocks) that is encrypted using CBC mode. The MAC is the last encrypted data block truncated to between 24 and 56 bits (inclusive).

Although FIPS 113 specifies DES as the algorithm the same applies to TripleDES.

Note: Since DES and TripleDES are considered insecure, so is MACTripleDES. This is the reason FIPS 113 was withdrawn.

Upvotes: 4
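The following is an added worked example, not part of the original answer and not .NET code: it implements the DAC equations quoted above from FIPS 113 (CBC-MAC over TripleDES with a zero IV and zero-filled final block), checks them against the library's CBC mode as the standard says it may, and computes an HMAC over the same bytes to make the "block cipher versus keyed hash" distinction concrete. It assumes the pyca `cryptography` package for TripleDES; the key and messages are constructed sample values. The last function demonstrates a property of the raw, untruncated CBC-MAC that follows directly from the quoted equations (not a claim the answer makes about .NET): a one-block tag lets anyone build a two-block message with a known tag, without the key.

```python
"""FIPS 113 DAC (CBC-MAC over TripleDES) next to HMAC.

Added illustration, not the original answer's text and not .NET code. It uses
the pyca 'cryptography' package for the block encryption e(D); the key and
messages used below are constructed sample values.
"""
import hashlib
import hmac

from cryptography.hazmat.primitives.ciphers import Cipher, modes

try:
    # cryptography >= 43 keeps TripleDES in the 'decrepit' namespace
    from cryptography.hazmat.decrepit.ciphers.algorithms import TripleDES
except ImportError:  # older releases still have it under 'algorithms'
    from cryptography.hazmat.primitives.ciphers.algorithms import TripleDES

BLOCK = 8  # DES and TripleDES work on 64-bit blocks


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _e(key: bytes, block: bytes) -> bytes:
    """e(D): one raw TripleDES block encryption (single-block ECB)."""
    enc = Cipher(TripleDES(key), modes.ECB()).encryptor()
    return enc.update(block) + enc.finalize()


def _zero_pad(data: bytes) -> bytes:
    """A final partial block is left-justified and filled with zero bits."""
    return data + b"\x00" * (-len(data) % BLOCK)


def fips113_dac(key: bytes, data: bytes, m_bits: int = 64) -> bytes:
    """O1 = e(D1); Oi = e(Di XOR Oi-1); DAC = leftmost M bits of On.

    FIPS 113 restricts M further; any multiple of 8 up to 64 is accepted here.
    """
    if m_bits % 8 or not 8 <= m_bits <= 64:
        raise ValueError("M must be a multiple of 8 and at most 64")
    if not data:
        raise ValueError("no data to authenticate")
    prev = bytes(BLOCK)  # chaining starts from an all-zero vector
    padded = _zero_pad(data)
    for i in range(0, len(padded), BLOCK):
        prev = _e(key, _xor(padded[i:i + BLOCK], prev))
    return prev[: m_bits // 8]


def cbc_last_block(key: bytes, data: bytes) -> bytes:
    """Same DAC via the library's CBC mode with IV = 0, as FIPS 113 notes."""
    enc = Cipher(TripleDES(key), modes.CBC(bytes(BLOCK))).encryptor()
    ct = enc.update(_zero_pad(data)) + enc.finalize()
    return ct[-BLOCK:]


def hmac_sha256(key: bytes, data: bytes) -> bytes:
    """The HMAC side: a keyed hash function, no block cipher involved."""
    return hmac.new(key, data, hashlib.sha256).digest()


def forge_from_tag(d1: bytes, tag_d1: bytes, d2: bytes) -> bytes:
    """Given only D1 and its full 64-bit DAC O1 = e(D1), the message
    D1 || (D2 XOR O1) has the same DAC as D2 alone, since
    e((D2 XOR O1) XOR O1) = e(D2). No key is needed to build it."""
    if not len(d1) == len(d2) == len(tag_d1) == BLOCK:
        raise ValueError("single full blocks and an untruncated tag required")
    return d1 + _xor(d2, tag_d1)


if __name__ == "__main__":
    key = bytes(range(1, 25))   # constructed 24-byte TripleDES key
    msg = b"attack at dawn"     # constructed sample message
    print("DAC      ", fips113_dac(key, msg).hex())
    print("CBC last ", cbc_last_block(key, msg).hex())
    print("HMAC-256 ", hmac_sha256(key, msg).hex())
    # zero padding: "abc" and "abc\x00" get the same DAC
    print(fips113_dac(key, b"abc") == fips113_dac(key, b"abc\x00"))
```

Two things worth noticing when running it: the zero-fill padding means a message and the same message with trailing zero bytes authenticate identically, and the two-block forgery works against the DAC but not against the HMAC of the same bytes, which is one reason a keyed hash is the construction the .NET HMAC classes use for variable-length data.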
