I am currently studying for an exam and this was a previous question:
Give one advantage of using HMACs over using RSA to sign SHA-1 hashes.
My thoughts are that it has something to do with the fact that HMAC assumes a private key has already been shared so there is no need to use public-private keys. But wouldn't it be possible for this key to be compromised?
HMAC is much faster to compute. Also, HMAC might still be secure, even if the underlying hash function is broken. This is not true for RSA + a broken hash function.
The main advantage is speed: HMACs are much faster than an RSA signature.
Given the question says you are signing SHA-1 hashes, there is no need to use a hash function in composition with RSA since the message will already be short-enough to sign directly. I doubt they are looking for an answer about the security of the underlying hash.
