Messages may be communicated between a sender and a receiver. The sender and receiver may be, for example, two computer systems, two modules on the same computer system, and the like. Both the sender and receiver may be concerned regarding the security and authentication of the messages exchanged. Different techniques may be used to ensure that a received message is not a modified version of an original message and also to verify the sender's identity. One approach is to use digital signatures when sending a message. Existing techniques for digital signatures use asymmetric cryptography in which different keys are used for encryption and decryption, such as use of public/private key pairs with a PKI (Public Key Infrastructure). When sending a message, a hash value of the message data or content may be generated such as using a cryptographic hash algorithm. The hash value may be encrypted using a sender's private key producing a digital signature of the message. The message data and its digital signature are transmitted to the receiver. The receiver then uses the sender's public key to decrypt the digital signature revealing a hash value as transmitted from the sender. The receiver may then perform verification processing by computing an expected hash value using the transmitted message data and applying the same hash algorithm as the sender. The receiver may then compare the expected hash value to the hash value produced by decryption. If both hash values match, the receiver may conclude that the message data has not changed and that the sender originated the received message. One drawback of using digital signatures with asymmetric cryptographic techniques is that the digital signature may be relatively large in comparison to the message data. Thus, digital signatures may increase the size of the message transmitted by an unacceptable amount such as may be the case, for example, in applications where the size of the transmitted message is subject to a size restriction. Another technique uses symmetric encryption where the same key is used for encryption, as performed by the sender, and decryption, as performed by the receiver. One drawback with the foregoing is that the key may be easily obtained by another, for example, since the key may be stored in a readable form and/or accessible location thereby adversely affecting the receiver's ability to detect message tampering, verify authentication of a message as being transmitted from a particular sender, and the like.