4

If I wanted to use HMAC for proving that a value hadn't been tampered with, how many times can I use a key before it needs to be rotated?

mr blobby

2 Answers

3

There is no known inherent weakness in HMAC-SHA256 that requires key rotation for a suitably secret key.

However, other aspects of the system in which you are using HMAC-SHA256 may make key rotation necessary. For instance, if you don't want the same message to have the same HMAC over time for some reason, a key rotation would achieve that (but so would a salt). Or if you know your key comes from an unusually low-entropy pool, making it easier to brute force than one would expect.

John Meacham

0

With HMAC, can an attacker recover the key, given many known plaintext/tag pairs?

I guess this constitutes an answer. I can keep the key as long as I think I can keep it secure. Rotating the key would give me forward secrecy at least.

mr blobby
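An added example, not code from either answer: tamper-proofing a value with HMAC-SHA256 while keeping rotation possible, by tagging each token with a key id so older tokens verify until their key is retired. The names `KEYS`, `sign`, `verify`, `rotate`, `retire` and the `kid.tag.value` token layout are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets

# Constructed key ring: key id -> secret key (ids must not contain ".").
# A real deployment would load these from a secrets manager.
KEYS = {"k1": secrets.token_bytes(32)}
CURRENT_KID = "k1"


def _tag(key: bytes, kid: str, value: bytes) -> bytes:
    # The key id is covered by the MAC so it cannot be swapped on a token.
    return hmac.new(key, kid.encode() + b"." + value, hashlib.sha256).digest()


def sign(value: bytes, kid=None) -> str:
    """Return 'kid.hex_tag.hex_value' signed with the current (or given) key."""
    kid = kid or CURRENT_KID
    return f"{kid}.{_tag(KEYS[kid], kid, value).hex()}.{value.hex()}"


def verify(token: str):
    """Return the original value if the tag is valid, otherwise None."""
    try:
        kid, hex_tag, hex_value = token.split(".")
        tag, value = bytes.fromhex(hex_tag), bytes.fromhex(hex_value)
    except ValueError:  # wrong number of fields or non-hex data
        return None
    key = KEYS.get(kid)
    if key is None:  # unknown or retired key id
        return None
    # Constant-time comparison avoids leaking how much of the tag matched.
    return value if hmac.compare_digest(_tag(key, kid, value), tag) else None


def rotate(new_kid: str) -> None:
    """Add a fresh random key and make it current; older keys still verify."""
    global CURRENT_KID
    KEYS[new_kid] = secrets.token_bytes(32)
    CURRENT_KID = new_kid


def retire(kid: str) -> None:
    """Remove a key; every token signed with it stops verifying."""
    KEYS.pop(kid, None)
```

After `rotate`, the same value produces a different tag, which is the effect the first answer attributes to key rotation; `retire` is what actually invalidates tokens made with an old key.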