What does HMAC add compared with using a hash function alone?

HMAC adds authentication by incorporating a shared secret key into the hash process. The MAC is computed using both the message and a secret key, typically through an inner and outer hashing step. This means that only someone who knows the secret key can generate or verify the MAC for a given message, tying the message to that key and ensuring it hasn’t been altered in transit. A plain hash function alone has no secret key, so anyone who can see the message and the hash could potentially forge or tamper without a shared secret. HMAC isn’t a public-key signature and doesn’t inherently produce a longer digest or require a per-message nonce—the key is what provides the authentication property, with the digest length determined by the underlying hash.