I am attempting to build an authentication mechanism using API keys for access.

As a precaution against relay attacks, I am hashing the API key with the current DateTime and checking on the server side.

Using the same code to hash on both the client and server, I get different results from each of the two calls.

I.E: the Client hashes its API key and sends the hashed key and the datetime “salt” to the server.

The server takes the expected api key and hashed with the datetime sent from the client.

My hashes never match(Client hash != server hash).

This only occurs when I am running the client and server on seperate machines(actually another developer is attempting to write the client portion)

Everything works fine when I test on my local machine(running both client and server portions and attempting the authentication).

Question
Given the same input, will the .NET SHA256Managed class ComputeHash method return different results when run on different computers?