Last Updated: February 25, 2016
· lkraider

AES-256 and HMAC

This is a reminder on how to apply HMAC over the AES encrypted data for integrity:

ciphertext = iv + aes(key, iv, plaintext)
tag = hmac(hmac_key, ciphertext, sha256)

The key lengths are important too:

key = os.urandom(256/8)  # AES-256 key size
iv = os.urandom(128/8)  # AES block size
hmac_key = os.urandom(512/8)  # SHA-256 block size

Comments are welcome.