Y
Hacker News
new
|
ask
|
show
|
jobs
by
loeg
5122 days ago
Tl;dr: Use HMAC for Hash-based Message Authentication Codes and hash functions for hash functions. Don't use them the other way around.
PS, maybe more developers should take an intro course on crypto.
1 comments
ch0wn
5122 days ago
+ don't compare secret strings in a manner that makes it possible to draw conclusions about the position of the inequality.
link