




























Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
An overview of message authentication techniques, focusing on message authentication codes (mac) and secure hash functions. It explains how these methods ensure message integrity and authenticity, and discusses various attack requirements and authentication functions. Symmetric encryption is also covered as a method for providing both confidentiality and authentication.
Typology: Slides
1 / 36
This page cannot be seen from the preview
Don't miss anything!





























Message authentication is a mechanism used to verify the integrity of the message. Message authentication assures that data received are exactly as sent(contains no modification, insertion, deletion, or replay) and that the purported identity of the sender is valid. Symmetric encryption provides authentication among those who share the secret key. Encryption of the message by a sender’s private key also provides a form of authentication.
is an algorithm that requires the use of secret key.
takes a variable
length message and a secret key as input and produces an authentication code.
recipient in possession of the secret key can generate an authentication code to verify the integrity of the message.
hash function maps a variable
length message into a fixed length hash value, or message digest. For message authentication, a secure hash function must be combined in some fashion with a secret key.
Content modification: Changing the content of the message, including insertion, deletion etc. Sequence modification: Any modification to sequence of messages between parties including insertion, deletion. Timing modification: Delayed or replay of messages. Source repudiation: Denial of transmission of message by source. Destination repudiation: Denial of receipt of message by destination.
The first two attacks deal with message confidentiality.
to
deal with message authentication. And last two deal with digital signatures.
Message encryption can itself provide measure of authentication. The analysis differ for
Symmetric public ‐ key encryption schemes
We can say that symmetric encryption provide both confidentiality and authentication. Consider what is happening at
Given decryption function
will accept any cipher text
and produce
If
is the cipher text of legitimate message then Y is some cipher text
otherwise meaning less sequence of bits. So if
is legitimate plaintext therefore must have come from
For example we are transmitting English language message using caeser cipher with a shift of one (K=1) .A sends the following legitimate cipher text. Decrypts to produce the following plaintext A Simple Frequency analysis confirms that message has the profile of ordinary English. On the other hand if opponent generates the following random sequence of letters.
Append an error correcting code or a frame check sequence(FCS) to each message before encryption. A prepares plaintext message and provide this input to the function F that produce an FCS. FCS is appended to M and entire block is encrypted. At destination B decrypts the incoming block and treat the result as a message with appended FCS. B applies the same function F to attempt to reproduce the FCS. If the calculated FCS is equal to the incoming FCS, then message is considered authentic. It is unlikely that any random sequence of bits would exhibit the desired relationship.
Authentication technique involves the use of secret key to generate a small fixed ‐ size block of data, known as cryptographic checksum or MAC that is appended to message. Assume the two parties say A and B, share a common secret key K. when A has a message to send to B , it calculates the MAC as a function of the message and the key: MAC = C(K,M), where M= input message C= MAC function K=shared secret key MAC = message authentication code