P. 1
LaRon Walker - Message Authentication Code

LaRon Walker - Message Authentication Code

|Views: 53|Likes:
Published by LaRon Walker
Message Authentication Code
Message Authentication Code

More info:

Published by: LaRon Walker on Apr 05, 2011
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as DOCX, PDF, TXT or read online from Scribd
See more
See less





Message Authentication Code LaRon Walker Master of Information Technology and Internet Security May, 2010 The amount

of information being passed over public and private networks has caused major concerns when it comes to privacy and information security. There are many components that should be considered when developing a strategy to address these concerns. Message authentication is one of these components. Message authentication is a method used to verify messages are securely passed between sender and recipient without being altered by external sources. When using the message authentication technique, there are two levels of authentication. These levels are the lower level authentication, which verifies the integrity of the sender of the message, and the higher level authentication, which verifies the integrity of the message itself (Stallings, 2006). Despite message authentication as being a commonly used practice, it still is vulnerable to attacks. Due to the way information is transferred over public and private networks, this data is susceptible to being intercepted or altered by an outside source. Attacks that are commonly performed on networks to gain unauthorized access to this information are as follows: 1. Disclosure 2. Traffic analysis 3. Masquerading 4. Content modification

5. Sequence modification 6. Timing modification 7. Source repudiation 8. Destination repudiation (Stallings, 2006). The above attacks are all requirements that must addressed to have an affective message authentication strategy. Also, to address these issues, you must consider both lower and high level authentication tactics. There are three main classes of techniques that can be used to encrypt messages on this lower level. These methods are by using hash functions, message encryption, and message authentication codes (Stallings, 2006). Using any of these techniques cover most of the above attack concerns. Using digital signature in conjunction with any of these lower level authentication techniques can help address the higher level authentication security concerns. Along with this, newer, more secure lower level practices are being developed to help address the exploits being discovered daily. One of these new cryptology practices is called abstract cryptology. Using this strategy, an outsider is able to obtain cryptology information and creates attacks using cryptology primitives, the attacks would not work as they would when not using this method (Mashatan, 2009). References Mashatan, A., & Stinson, D.. (2009). Interactive two-channel message authentication based on Interactive-Collision Resistant hash functions. International Journal of Information Security, 8(1), 49-60. Retrieved May 23, 2010, from ABI/INFORM Global. (Document ID: 1631537931).

Stallings, W. (2006). Cryptography and Network Security Principles and Practice (5th ed.). Upper Saddle River, NY: Prentice Hall.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->