In this paper, we investigate the issues in the analysis and design of provably secure message authentication codes (MACs) Nested MAC (NMAC) and Hash based MAC (HMAC) proposed by Bellare, Canetti and Krawczyk. First, we provide security analysis of NMAC using weaker assumptions than stated in its proof of security. This analysis shows that, theoretically, one cannot further weaken the assumptions in the proof of security of NMAC to obtain a secure MAC function NMAC and for a secure MAC function NMAC, both keys must be secret. This analysis also provides a solution to an open question in Preneel's thesis on the security of MAC functions when the attacker has knowledge of the key(s) in relation to NMAC and HMAC. Next, we propose a new variant to the NMAC function by altering the standard padding used for the hash function in NMAC. This variant is slightly more efficient than NMAC especially for short messages. The analysis and performance aspects of this variant are compared with o...