Home

KMAC

KMAC, or Keccak-based Message Authentication Code, is a cryptographic MAC constructed from the Keccak family of sponge functions. It provides data integrity and authentication by producing a fixed-length tag from a secret key and a message. KMAC is designed as an alternative to traditional MACs such as HMAC and supports variable output lengths, enabling flexible security levels.

The construction uses a Keccak sponge with a chosen capacity. The secret key and the message are

Standardization and variants: KMAC was defined in NIST SP 800-185, Keccak Special Sponges for XOFs and MACs,

Security considerations: The security of KMAC relies on the security of the underlying Keccak permutation and

Usage and history: Following Keccak’s selection as the SHA-3 winner, KMAC has been proposed for protocol and

absorbed
into
the
sponge,
and
a
tag
is
produced
by
squeezing
the
sponge’s
state.
A
customization
string
and
a
function
name
can
be
supplied
to
domain-separate
different
uses,
helping
prevent
cross-protocol
interference.
A
variant
known
as
KMACXOF
yields
an
extendable-output
function
(XOF),
allowing
tags
of
arbitrary
length.
as
part
of
the
Keccak
sponge-based
MAC
family.
It
is
also
referenced
in
international
standards
such
as
ISO/IEC
29167.
Implementations
typically
allow
specifying
the
key
length,
security
level,
and
desired
tag
length,
with
the
ability
to
use
a
fixed-length
MAC
or
an
XOF-based
tag.
an
appropriate
sponge
capacity,
typically
at
least
2n
bits
for
an
n-bit
security
level.
Tag
lengths
should
be
chosen
to
meet
the
desired
forgery
resistance.
As
with
other
sponge-based
MACs,
KMAC
is
resistant
to
certain
attacks
that
affect
traditional
hash-based
MACs,
and
the
sponge
structure
helps
prevent
simple
length-extension
exploits
when
parameterized
correctly.
library
use
as
an
efficient,
flexible
MAC.
It
is
supported
by
various
cryptographic
libraries
and
is
suitable
for
authenticating
messages
in
APIs,
protocols,
and
data
storage.