













Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This lecture was delivered by Dr. Samarendra Jeethesh at Ankit Institute of Technology and Science for System Security and Cryptography course. It includes: Authentication, Message, Hash, Functions, Security, Requirement, Encryption, MAC, Traffic, Analysis
Typology: Slides
1 / 21
This page cannot be seen from the preview
Don't miss anything!














At cats' green on the Sunday he took the message fromthe inside of the pillar and added Peter Moran's name tothe two names already printed there in the "Brontosaur"code. The message now read: “Leviathan to Dragon:Martin Hillman, Trevor Allan, Peter Moran: observe andtail.” What was the good of it John hardly knew. He feltbetter, he felt that at last he had made an attack on PeterMoran instead of waiting passively and effecting noretaliation. Besides, what was the use of being inpossession of the key to the codes if he never tookadvantage of it? — Talking to Strange Men, Ruth Rendell
message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution) will consider the security requirements then three alternative functions used: message encryption message authentication code (MAC) hash function
receiver know sender must have created it since only sender and receiver now key used know content cannot of been altered if message has suitable structure, redundancyor a checksum to detect any changes
encryption provides no confidence of sender since anyone potentially knows public-key however if
as shown the MAC provides authentication can also use encryption for secrecy generally use separate keys for each can compute MAC either before or after encryption is generally regarded as better done before why use a MAC? sometimes only authentication is needed sometimes need authentication to persist longer thanthe encryption (eg. archival use) note that a MAC is not a digital signature
knowing a message and MAC, is infeasibleto find another message with same MAC
MACs should be uniformly distributed
MAC should depend equally on all bits of themessage
using IV=0 and zero-pad of final block encrypt message using DES in CBC mode and send just the final block as the MAC
h = H(M)
cf. MAC which is keyed
might think a 64-bit hash is secure but by Birthday Paradox is not birthday attack works thus: opponent generates 2 m /^2 variations of a valid message all with essentially the same meaning opponent also generates 2 m /^2 variations of a desired fraudulent message two sets of messages are compared to find pair withsame hash (probability > 0.5 by birthday paradox) have user sign the valid message, then substitute theforgery which will have a valid signature conclusion is that need to use larger MAC/hash
strong collision resistance hash have cost 2 m /^2
cryptanalytic attacks exploit structure like block ciphers want brute-force attacks to be thebest alternative have a number of analytic attacks on iteratedhash functions CV i^ = f[CV i- , M ]; H(M)=CVi N typically focus on collisions in function f like block ciphers is often composed of rounds attacks exploit properties of round functions