Generate KMAC128 authentication tags - Keccak-based MAC with 128-bit security per NIST SP 800-185.
About
KMAC128 is a Keccak-based Message Authentication Code defined in NIST SP 800-185, providing 128-bit security with variable-length output and optional personalization, offering an alternative to HMAC with built-in XOF capabilities.
Specifications
Output SizeVariable
StandardNIST SP 800-185
Standard Year2016
Origin Keccak submission to NIST SHA-3 competition
Origin Year 2008
Use Cases
—NIST-compliant message authentication
—Keccak-based MAC requirements
—Variable-length authentication tags
—Domain-separated MAC construction
—SHA-3 ecosystem authentication
Frequently Asked Questions
KMAC128 is a Keccak-based Message Authentication Code defined in NIST SP 800-185. Unlike HMAC which uses any hash function, KMAC is built on Keccak/SHA-3 and natively supports variable-length output. It provides an alternative MAC construction in the SHA-3 ecosystem.
HMAC-SHA256 is more widely supported and tested. Use KMAC128 when working exclusively within the SHA-3 ecosystem or when you need variable-length MAC output. For general interoperability, HMAC-SHA256 remains the conservative choice.
Yes, KMAC128 can produce authentication tags of any length. This is useful when protocols require non-standard tag sizes. However, standard 128-bit or 256-bit tags are recommended for most applications to ensure adequate security.