RFC 2104 specifies how you should do it, see e.g. http://de.wikipedia.org/wiki/K...

		more_original on June 9, 2012 \| parent \| context \| favorite \| on: Why you should never use hash functions for messag... RFC 2104 specifies how you should do it, see e.g. http://de.wikipedia.org/wiki/Keyed-Hash_Message_Authenticati... The Handbook of Applied Cryptography, Chapter 9 (free online: http://cacr.uwaterloo.ca/hac/) nicely explains the reasons.