LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

Why is a keyed-hash function (HMAC) stronger than a plain or salted hash for pseudonymization?

HMAC mixes a secret key into the hash, so without the key, reversing or matching values is computationally infeasible.

HMAC = hash + a secret key. The difference from salting is who knows the secret: a salt is stored alongside the data (it just stops precomputation), whereas the HMAC key is kept separate and secret. An attacker who steals the dataset but not the key cannot brute-force candidate inputs, because they can't reproduce the keyed digest.

That makes HMAC far stronger than plain or even salted hashing — as long as the key is well-protected. The flip side mirrors all key-based schemes: leak the key and the protection collapses.

Tip: Salt protects against precomputed tables; a secret key protects against brute-force entirely. HMAC gives you both.

Go deeper:

From Quiz: PRIVACY / Data Anonymization — k-Anonymity, l-Diversity & Re-identification | Updated: Jul 05, 2026