This document discusses message authentication and types of authentication functions. It describes how message authentication ensures integrity and authenticity by preventing alterations during transmission and confirming the sender. Types of attacks addressed include masquerading, modification, and timing attacks. Authentication functions produce authenticators like ciphertexts from encryption, message authentication codes (MACs) from a secret key and message, and hash values. MACs specifically concatenate a cryptographic checksum to the message to verify integrity upon receipt.
This document discusses message authentication and types of authentication functions. It describes how message authentication ensures integrity and authenticity by preventing alterations during transmission and confirming the sender. Types of attacks addressed include masquerading, modification, and timing attacks. Authentication functions produce authenticators like ciphertexts from encryption, message authentication codes (MACs) from a secret key and message, and hash values. MACs specifically concatenate a cryptographic checksum to the message to verify integrity upon receipt.
This document discusses message authentication and types of authentication functions. It describes how message authentication ensures integrity and authenticity by preventing alterations during transmission and confirming the sender. Types of attacks addressed include masquerading, modification, and timing attacks. Authentication functions produce authenticators like ciphertexts from encryption, message authentication codes (MACs) from a secret key and message, and hash values. MACs specifically concatenate a cryptographic checksum to the message to verify integrity upon receipt.
Digests, Digital Certificates Message Authentication • Message authentication refers to the mechanism used to ensure that the integrity of the received message has been preserved – that the message has not been altered during transmission. • It also assures the receiver that the message has originated from the intended sender and not from any intruder. • Thus, a message is said to be authentic if the message has not been altered and has come from the actual sender. Types of attacks addressed by authentication • Masquerade – messages from a fraud source are put into the network – an intruder impersonates an authorized entity – fake acknowledgements • Modification of the message – making certain modifications in the contents of the captured message – insert, delete or transpose the contents • Timing modification – delaying or replaying the messages being transmitted. – entire session or individual message can be delayed or replayed Types of authentication functions • Each authentication mechanism involves the use of a function to produce a value to be used for authenticating a message. • This value is known as the authenticator. • The authenticator enables the recipient of the message to verify the authenticity of the message. Types of authentication functions • Message encryption – In this class, the authenticator of the message is the ciphertext that is produced after encrypting the entire plaintext. • Message authentication code (MAC) – In this class, the authenticator of the message is a fixed length value that is generated by applying a function on the message and the secret key. Types of authentication functions • Hash function – In this class, a hash function (also called message digest algorithm) is applied on a variable-length message to produce a fixed-length output that acts as the authenticator of the message. Message Authentication Code (MAC) • Message authentication code (MAC) is a piece of information used to authenticate a message being transmitted between two communicating parties. • A MAC algorithm is applied on an arbitrary- length message to be authenticated and the common secret key shared between the parties to generate a small fixed-size block of data called cryptographic checksum (or MAC ). • The calculated MAC is concatenated with the original message, and the message plus MAC are then sent to the receiver. Message Authentication Code (MAC) • Let A and B be two parties that share a common secret key K . • When A wants to send a message (say, M ) to B , it computes MAC by applying the MAC algorithm (say, C ) on message M and secret key K , as shown here: MAC = C(K, M) Message Authentication Code (MAC) • After MAC has been computed, A sends the message M and MAC to B through the network. • On receiving, B distinguishes the message M from MAC and applies the same MAC algorithm C on the message M and the secret key K to generate MAC′ . • Then, MAC′ and MAC are compared to determine whether they are the same. • If so, then message integrity and sender’s authenticity are proved. Message authentication using MAC Message Authentication Code (MAC) • MAC is different from message encryption in the sense that the MAC algorithm is not required to be reversible as it should be for decryption at the receiver’s end. • Useful in following situations: – When the same message has to be broadcasted to several destinations – When the receiving side is heavily loaded and cannot decrypt all the messages.