diff --git a/crypto_auth.js b/crypto_auth.js
new file mode 100644
index 0000000..a279a29
--- /dev/null
+++ b/crypto_auth.js
@@ -0,0 +1,35 @@
+/* eslint-disable camelcase */
+const { crypto_verify_32 } = require('./crypto_verify')
+const Sha512 = require('sha512-universal')
+const assert = require('nanoassert')
+
+const crypto_auth_BYTES = 32
+const crypto_auth_KEYBYTES = 32
+
+function crypto_auth (out, input, k) {
+  assert(out.byteLength === crypto_auth_BYTES, "out should be 'crypto_auth_BYTES' in length")
+  assert(k.byteLength === crypto_auth_KEYBYTES, "key should be 'crypto_auth_KEYBYTES' in length")
+
+  const out0 = new Uint8Array(64)
+  const hmac = Sha512.HMAC(k)
+  hmac.update(input)
+  hmac.digest(out0)
+
+  out.set(out0.subarray(0, 32))
+}
+
+function crypto_auth_verify (h, input, k) {
+  assert(h.byteLength === crypto_auth_BYTES, "h should be 'crypto_auth_BYTES' in length")
+  assert(k.byteLength === crypto_auth_KEYBYTES, "key should be 'crypto_auth_KEYBYTES' in length")
+
+  const correct = Sha512.HMAC(k).update(input).digest()
+
+  return crypto_verify_32(h, 0, correct, 0)
+}
+
+module.exports = {
+  crypto_auth_BYTES,
+  crypto_auth_KEYBYTES,
+  crypto_auth,
+  crypto_auth_verify
+}
diff --git a/index.js b/index.js
index 48a88bb..980fdd6 100644
--- a/index.js
+++ b/index.js
@@ -12,6 +12,7 @@ forward(require('./randombytes'))
 forward(require('./memory'))
 forward(require('./helpers'))
 forward(require('./crypto_verify'))
+forward(require('./crypto_auth'))
 forward(require('./crypto_box'))
 forward(require('./crypto_generichash'))
 forward(require('./crypto_hash'))
diff --git a/package.json b/package.json
index 766c98a..eada135 100644
--- a/package.json
+++ b/package.json
@@ -7,8 +7,8 @@
     "blake2b": "^2.1.1",
     "chacha20-universal": "^1.0.4",
     "nanoassert": "^2.0.0",
-    "sha256-universal": "^1.0.1",
-    "sha512-universal": "^1.0.1",
+    "sha256-universal": "^1.1.0",
+    "sha512-universal": "^1.1.0",
     "siphash24": "^1.0.1",
     "xsalsa20": "^1.0.0"
   },