Professional Documents
Culture Documents
Very easy..
M M’
Alice Bob
M M’
Alice Bob
Key : k Key : k
If I do not send M,
Alice Bob then Alice must
have sent it.
M
Key : k Key : k
MAC (k,M)
MAC Authentication (II)
MAC allows two or more mutually trusting parties to
authenticate messages sent between members
Alice Bob
M
Key : k Key : k
Key : k
Integrity with Hash
Forge M’ and
compute h(M’)
Eve
No shared key
M M’
h (M) h (M)
Alice Bob
Can we simply send the hash with the message to serve message authentication ?
Ans: No, Eve can change the message and recompute the hash.
Using hash needs more appropriate procedure to guarantee integrity
Message Authentication Code
A function of the message and a secret key that produces a
fixed-length value that serves as the authenticator
Generated by an algorithm :
generated from message + secret key : MAC = C(K,M)
A small fixed-sized block of data
appended to message as a signature when sent
Receiver performs same computation on message and checks
it matches the MAC
Keyed Hash Functions as MACs
Want a MAC based on a hash function
● because hash functions are generally faster
● crypto hash function code is widely available
Need a hashing including a key along with message
But hashing is internally has no key!
Original proposal:
KeyedHash = Hash(Key|Message)
● some weaknesses were found with this
20
Digital Signature
1. Digital Signature is a type of electronic signature
that encrypts documents with digital codes that are
particularly difficult to duplicate
2. In case of digital signature message is encrypted
with the private key and decrypted with the public
key.
On BOB
On FRANK side
Digital Signature Algorithm
26
At Sender Side