- Purpose:
- Detect unauthorized alterations of message & hash
- Integrity & authentication of bulk data
- A hash is not enough, as an attacker could alter the message and recalculate it
- Process:
- Combine a message with a secret key before hashing
- Only whoever has the secret key can create an acceptable digest