The implementation of md5_hash(...) and md5_hmac(...) in bro.bif is identical: %{ unsigned char digest[16]; hmac_md5_val(@ARG@, digest); return new StringVal(md5_digest_print(digest)); %} It seems that md5_hmac should support providing the secret key. Does anyone know more details about this? Matthias