10

Which algorithm is recommended to use when encoding / decoding JWT web application tokens? Is using HMAC-SHA256 enough or would using HMAC-SHA512 provide more security? And on 64-bit machines, is it true that HMAC-SHA512 is faster than HMAC-SHA256?

Maarten Bodewes
W.M.

1 Answer

16

Both algorithms provide plenty of security, near the output size of the hash. So even though HMAC-512 will be stronger, the difference is inconsequential. If this ever breaks it is because the algorithm itself is broken and as both hash algorithms are related, it is likely that both would be in trouble. However, no such attack is known and the HMAC construct itself appears to be very strong indeed.

SHA-512 is indeed faster than SHA-256 on 64-bit machines. It may be that the overhead caused by the block size of SHA-512 is detrimental to HMAC-ing short messages. But you can speed up larger message sizes using HMAC-SHA-512 for sure. Then again, SHA-256 is plenty fast itself, and is faster on 32-bit and lower machines, so I'd go for HMAC-SHA-256 if lower-end machines could be involved.

Note that newer x86 processors also contain SHA-1 and SHA-256 accelerator hardware, so that may shift the speed advantage back into SHA-256's favor compared to SHA-512.

Maarten Bodewes
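As an added example (not code from the question or the answer), the following Python script signs and verifies a JWT with HS256 and HS512 using only the standard library, and times raw HMAC over a short JWT-sized input and a larger one so the block-size effect described above can be measured on your own machine. The key and payload are constructed demo values; the verifier pins the expected algorithm rather than trusting the token header.

```python
import base64
import hashlib
import hmac
import json
import timeit
from typing import Optional

# Constructed demo values (not from the original post).
KEY = b"demo-secret-key-for-illustration-only"
PAYLOAD = {"sub": "1234567890", "name": "Example User", "iat": 1516239022}
HS_ALGS = {"HS256": hashlib.sha256, "HS512": hashlib.sha512}

def b64url(data: bytes) -> str:
    # JWT uses base64url without '=' padding.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def sign_jwt(payload: dict, key: bytes, alg: str) -> str:
    header = b64url(json.dumps({"alg": alg, "typ": "JWT"}, separators=(",", ":")).encode())
    body = b64url(json.dumps(payload, separators=(",", ":")).encode())
    signing_input = f"{header}.{body}".encode("ascii")
    tag = hmac.new(key, signing_input, HS_ALGS[alg]).digest()
    return f"{header}.{body}.{b64url(tag)}"

def verify_jwt(token: str, key: bytes, expected_alg: str) -> Optional[dict]:
    # The caller decides the algorithm; a header naming anything else is rejected.
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
        if json.loads(b64url_decode(header_b64)).get("alg") != expected_alg:
            return None
        signing_input = f"{header_b64}.{body_b64}".encode("ascii")
        expected = hmac.new(key, signing_input, HS_ALGS[expected_alg]).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return None  # constant-time comparison failed
        return json.loads(b64url_decode(body_b64))
    except (ValueError, KeyError, AttributeError):
        return None

def bench(msg: bytes, loops: int = 20000) -> dict:
    # Seconds for `loops` HMAC computations over `msg`, per algorithm.
    return {alg: timeit.timeit(lambda h=h: hmac.new(KEY, msg, h).digest(), number=loops)
            for alg, h in HS_ALGS.items()}

if __name__ == "__main__":
    for alg in HS_ALGS:
        tok = sign_jwt(PAYLOAD, KEY, alg)
        print(alg, len(tok), verify_jwt(tok, KEY, alg) == PAYLOAD)
    for size in (100, 64 * 1024):  # JWT-sized input vs a large message
        print(size, bench(b"x" * size))
```

On a typical 64-bit CPU the 64 KiB run shows HS512 ahead while the 100-byte run does not, which is the short-message overhead the answer refers to; note also that an HS512 signature is 86 base64url characters against 43 for HS256.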