From Knowledgebase
  • SHA3 algorithms are currently considered invulnerable to length-extension attacks.
  • A naive approach to hash-based MAC generation like taking the hash of the key appended to the message would be vulnerable to length-extension attacks. HMAC isn't[1].
  • Message Authentication Codes (MAC) are like a symmetric key cryptography version of digital signatures.