Poly1305 MAC Generator and Verifier Online

Poly1305 is a fast, secure message authentication code (MAC) designed to detect accidental or malicious changes to messages. It produces a 16-byte tag for a message using a 32-byte secret key. Poly1305 is commonly used as the authentication part of the ChaCha20-Poly1305 AEAD construction.

Below is the Poly1305 MAC Generator and Verifier tool allows users to quickly compute authentication tags for messages, verify tags received from APIs or secure communication systems, and validate message integrity in real time.

Support This Free Tool!

I build these tools to give you fast, secure, privacy-friendly utilities—free and signup-free.

Buying me a coffee helps keep the project running and supports new features.

Powered by

Thank you for helping this tool thrive!

We do not store, log any key you enter. This tool runs entirely over a secure HTTPS connection to keep your encryption key safe at all times.

Key Features

• You can generate a Poly1305 tag (MAC) for a text input or file using a 32-byte key (HEX).
• You can verify that a given tag matches a message and key — verification returns valid/invalid.
• For real-world systems prefer AEAD (ChaCha20-Poly1305) to avoid key reuse pitfalls.

Usage Guide — step by step

1. Choose Generate or Verify tab: Pick whether you want to create a tag or check an existing tag for a message/file.
2. Provide a 32-byte key (HEX): A 256-bit key; you can paste your own or use the Generate Key button to get a new key in hex format. Keep the key secret.
3. Provide message or file: Either type/paste the exact message into the text box or upload a file to MAC the file bytes. The MAC covers the exact bytes — whitespace and encodings matter.
4. Generate tag: Click Generate MAC. The tool returns a 16-byte tag (displayed as HEX) you can copy or download.
5. Verify: To verify, select the Verify tab, enter the same key and the tag (HEX), and either paste the original message or upload the same file. The tool will respond VALID or INVALID.

Practical use cases

1) API message integrity: When two services exchange messages, they can attach a Poly1305 tag to each payload. The receiver verifies the tag before processing to ensure the payload is authentic.

2) Signed file download validation: For secure file transfer between systems, the sender provides the file plus a Poly1305 tag. The receiver verifies the tag after download to detect corruption or tampering.

3) Embedded systems & IoT: Resource-constrained devices benefit from Poly1305’s speed. Use it to authenticate telemetry packets where CPU and memory are limited.

4) Educational & debugging: Use this tool to learn how MACs work, to generate test vectors, and to debug interoperability between libraries (server vs browser implementations).