SlideShare a Scribd company logo

BAIT1103 Chapter 2

•
•
L
limsh
EducationTechnology
1 of 30
BAIT1103 INTERNET SECURITY Chapter 2: Message Authentication
Objectives • Define the term message authentication code. • List and explain the requirements for a message authentication code • Explain why hash function used for message authentication needs to be secured. • Present an overview of HMAC. • Recap on digital signatures.
Every Egyptian received two names, which were known respectively as the true name and the good name, or the great name and the little name; and while the good or little name was made public, the true or great name appears to have been carefully concealed. —The Golden Bough, Sir James George Frazer To guard against the baneful influence exerted by strangers is therefore an elementary dictate of savage prudence. Hence before strangers are allowed to enter a district, or at least before they are permitted to mingle freely with the inhabitants, certain ceremonies are often performed by the natives of the country for the purpose of disarming the strangers of their magical powers, or of disinfecting, so to speak, the tainted atmosphere by which they are supposed to be surrounded. —The Golden Bough, Sir James George Frazer
Approaches to Message Authentication • Encryption protects against passive attack (eavesdropping). • A different requirement is to protect against active attack (falsification of data and transactions). • Protection against such attack is known as message authentication.
Approaches to Message Authentication • A message, file, document, or other collection of data is said to be authentic when it is genuine and comes from its alleged source. • Message authentication is a procedure that allows communicating parties to verify that received messages are authentic. • Two important aspects: • Verify that the contents of the message have not been altered and that the source is authentic • Verify a message’s timeliness (it has not been artificially delayed and replayed) and sequence relative to other messages flowing between two parties.
Approaches to Message Authentication Using conventional encryption • Symmetric encryption alone is not a suitable tool for data authentication • • • We assume that only the sender and receiver share a key, so only the genuine sender would be able to encrypt a message successfully The receiver assumes that no alterations have been made and that sequencing is proper if the message includes an error detection code and a sequence number If the message includes a timestamp, the receiver assumes that the message has not been delayed beyond that normally expected for network transit Without message encryption • An authentication tag is generated and appended to each message for transmission • The message itself is not encrypted and can be read at the destination independent of the authentication function at the destination • Because the message is not encrypted, message confidentiality is not provided
Approaches to Message Authentication • • Message authentication is provided as a separate function from message encryption. Three situations in which message authentication without confidentiality is preferable: There are a number of applications in which the same message is broadcast to a number of destinations. • e.g. notification to users that the network is now unavailable and an alarm signal in a control center • It is cheaper and more reliable to have only one destination responsible for monitoring authenticity • Broadcast in plaintext with an associated message authentication tag An exchange in which one side has a heavy load and cannot afford the time to decrypt all incoming messages • Authentication is carried out on a selective basis with messages being chosen at random for checking Authentication of a computer program in plaintext is an attractive service • Computer program can be executed without having to decrypt it every time, which would be wasteful of processor resources • If a message authentication tag were attached to the program, it could be checked whenever assurance is required
Approaches to Message Authentication • Message authentication code (MAC) – technique involves the use of a secret key to generate a small block of data that is appended to the message. • Assumes that two communicating parties (e.g. A and B) share a common secret key KAB. When A sends message to B, it calculates the MAC as a function of the message and the key: MACM = F(KAB, M) • The recipient performs the same calculation on the received message, using the same key, to generate new MAC. • The received code is compared to the calculated code.
Approaches to Message Authentication • Assume that only the receiver and the sender know the secret key, and if the received code matches the calculated code, the following statements apply: • The receiver is assured that the message has not been altered. If an attacker alters the message but does not alter the code, then the receiver’s calculation of code will differ from the received code. • The receiver is assured that the message is from the alleged sender because no one else knows the secret key, no one else could prepare a message with a proper code. • If the message includes a sequence number, then the receiver can be assured of the proper sequence because an attacker cannot successfully alter the sequence number.
One-way Hash Functions • An alternative to MAC • A hash function accepts a variable-size message M as input and produces a fixed-size message digest H(M) as output • Does not take a secret key as input • To authenticate a message, the message digest is sent with the message in such a way that the message digest is authentic Message Hash function algorithm Message Digest
(a) The message digest can be encrypted using conventional encryption if it is assumed that only the sender and receiver share the encryption key, then authenticity is assured. (b) The message digest can be encrypted using public-key encryption. The public-key approach has 2 advantages: • • (c) It provides a digital signature as well as message authentication It does not require the distribution of keys to communicating parties A technique uses a hash function but no encryption for message authentication – assuming 2 communicating parties share a common secret value. • Because the secret value itself is not sent, it is not possible for an attacker to modify an intercepted message. • As long as the secret value remains secret, it is also not possible for an attacker to generate false message.
Secure Hash Functions • Is important not only in message authentication but in digital signatures • Purpose is to produce a “fingerprint” of a file, message, or other block of data • To be useful for message authentication, a hash function H must have the following properties: 1. 2. • H can be applied to a block of data of any size. • H produces a fixed-length output. 3. • H(x) is relatively easy to compute for any given x, making both hardware and software implementations practical. 4. • For any given code h, it is computationally infeasible to find x such that H(x) = h. A hash function with this property is referred to as one-way or preimage resistant. 5. 6. • For any given block x, it is computationally infeasible to find y x with H(y) = H(x). A hash function with this property is referred to as second preimage resistant. This is sometimes referred to as weak collision resistant. • It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). • A hash function with this property is referred to as collision resistant. This is sometimes referred to as strong collision resistant.
Secure Hash Functions • The first 3 properties are requirements for the practical application of a hash function to message authentication. • The 4th property, preimage resistant, is the “one-way” property: It is easy to generate a code given a message, but virtually impossible to generate a message given a code (important if the authentication technique use secret value). • The second preimage resistant property guarantees that it is impossible to find an alternative message with the same hash value as a given message. This prevents forgery when an encrypted hash code is used. • A hash function that satisfies the first 5 properties is referred to as a weak hash function. • If the 6th property is also satisfied, is it referred to as a strong hash function because collision resistant protects against a sophisticated class of attack known as the birthday attack.
Examples of secure hash functions usage Unix Passwords: • When the user selects a password p, the system stores H(p) instead of p itself. • When the user later tries to login with password p, the system again computes H(p) and compares it with the stored value. If they are the same, the user is granted access. Integrity of downloaded files: • When I download a file, I would like to check that if I have received it correctly. • The reason is to check if it wasn't accidentally or maliciously corrupted during transmission or it wasn't accidentally or maliciously corrupted on the server. To achieve this, the server can offer me H(f) corresponding to the file f. • I can compute H(f) on the file have received. • If they match, I can assume that the file is correctly transmitted.
Security of Hash Functions • There are two approaches to attacking a secure hash function: • Cryptanalysis • Involves exploiting logical weaknesses in the algorithm • Brute-force attack • The strength of a hash function against this attack depends solely on the length of the hash code produced by the algorithm
Simple hash functions • All hash functions operate using the following general principles. • The input (message, file, etc.) is viewed as a sequence of n-bit blocks. • The input is processed one block at a time in an iterative fashion to produce an n-bit hash function. • One of the simplest hash functions is the bit-by-bit exclusiveOR (XOR) of every block. • Figure 3.3 illustrates this operation; it produces a simple parity for each bit position and is known as a longitudinal redundancy check.
The sha Secure Hash function • Secure Hash Algorithm (SHA) was developed by National Institute of Standards and Technology (NIST) and published as a federal information processing standard (FIPS 180) in 1993 • Virtually every other widely used hash function had been found to have substantial cryptanalytic weaknesses, SHA was more or less the last remaining standardized hash algorithm by 2005 • Was revised in 1995 as SHA-1 and published as FIPS 180-1 • The actual standards document is entitled “Secure Hash Standard” • Based on the hash function MD4 and its design closely models MD4 • SHA-1 produces 160-bit hash values • In 2005 NIST announced the intention to phase out approval of SHA-1 and move to a reliance on SHA-2 by 2010
Table 3.1 Comparison of SHA Parameters Note: All sizes are measured in bits.
• The algorithm takes as input a message with a maximum length of less than 2128 bits and produces as output a 512-bit message digest. • The input is processed in 1024-bit blocks. • Figure 3.4 depicts the overall processing of a message to produce a digest.
• The heart of the algorithm is a module that consists of 80 rounds; this module is labeled F in Figure 3.4. • The logic is illustrated in Figure 3.5. • The SHA-512 algorithm has the property that every bit of the hash code is a function of every bit of the input. • The complex repetition of the basic function F produces results that are well mixed; that is, it is unlikely that two messages chosen at random, even if they exhibit similar regularities, will have the same hash code.
Sha-3 2. SHA-3 must preserve the online nature of SHA-2. That is, the algorithm must process comparatively small blocks (512 or 1024 bits) at a time instead of requiring that the entire message be buffered in memory before processing it. 1. It must be possible to replace SHA-2 with SHA-3 in any application by a simple drop-in substitution. Therefore, SHA-3 must support hash value lengths of 224, 256, 384, and 512 bits. Basic requirements that must be satisfied by any candidate for SHA-3
HMAC • There has been an increased interest in developing a MAC derived from a cryptographic hash code, such as SHA-1 • Cryptographic hash functions generally execute faster in software than conventional encryption algorithms such as DES • Library code for cryptographic hash functions is widely available • A hash function such as SHA-1 was not designed for use as a MAC and cannot be used directly for that purpose because it does not rely on a secret key • There have been a number of proposals for the incorporation of a secret key into an existing hash algorithm • The approach that has received the most support is HMAC HMAC • Has been issued as RFC 2104 • Has been chosen as the mandatory-to-implement MAC for IP Security • Is used in other Internet protocols, such as Transport Layer Security (TLS) and Secure Electronic Transaction (SET)
HMAC Design Objectives • To use, without modifications, available hash functions --- in particular, hash functions that perform well in software, and for which code is freely and widely available • To allow for easy replaceability of the embedded hash function in case faster or more secure hash functions are found or required • To preserve the original performance of the hash function without incurring a significant degradation • To use and handle keys in a simple way • To have a well understood cryptographic analysis of the strength of the authentication mechanism based on reasonable assumptions on the embedded hash function
HMAC Structure Secret Key, K Inner Padding K1 + pad K2 + pad K2 + pad Message Outer Padding Hash1 K1 + pad Hash2 HMAC Hash1
Digital signatures • Digital Signature Standard (DSS) – use SHA-1 and presents a new digital signature technique called the Digital Signature Algorithm (DSA). • Originally proposed in 1991 and revised in 1993 and again in 1996 • Uses an algorithm that is designed to provide only the digital signature function • Cannot be used for encryption or key exchange but used for authenticating both source and data integrity • Created by encrypting message with private key – entire encrypted message serves as a digital signature
Digital signatures • Important to emphasize that the encryption process does not provide confidentiality • Message being sent is safe from alteration but not safe from eavesdropping • This is obvious in the case of a signature based on a portion of the message, because the rest of the message is transmitted in the clear. • Even in the case of complete encryption, there is no protection of confidentiality because any observer can decrypt the message by using the sender’s public key.
Summary • Approaches to message authentication • Authentication using conventional encryption • Message authentication without message encryption • Secure hash functions • Hash function requirements • Security of hash functions • Simple hash functions • The SHA secure hash function SHA-3 • Message authentication codes • HMAC • Digital Signatures

Recommended

BAIT1103 Chapter 3
BAIT1103 Chapter 3BAIT1103 Chapter 3
BAIT1103 Chapter 3limsh
 
Cryptography
CryptographyCryptography
CryptographyAbhi Prithi
 
Chapter 15 - Security
Chapter 15 - SecurityChapter 15 - Security
Chapter 15 - SecurityWayne Jones Jnr
 
Security attacks
Security attacksSecurity attacks
Security attacksTejaswi Potluri
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Information and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesInformation and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesVaibhav Khanna
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackMona Rajput
 

Recommended

BAIT1103 Chapter 3
BAIT1103 Chapter 3BAIT1103 Chapter 3
BAIT1103 Chapter 3limsh
 
Cryptography
CryptographyCryptography
CryptographyAbhi Prithi
 
Chapter 15 - Security
Chapter 15 - SecurityChapter 15 - Security
Chapter 15 - SecurityWayne Jones Jnr
 
Security attacks
Security attacksSecurity attacks
Security attacksTejaswi Potluri
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Information and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesInformation and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesVaibhav Khanna
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackMona Rajput
 
Security
SecuritySecurity
SecuritySri Manakula Vinayagar Engineering College
 
RSA Algoritmn
RSA AlgoritmnRSA Algoritmn
RSA AlgoritmnDr. Kapil Gupta
 
Unit 1 Introducation
Unit 1 IntroducationUnit 1 Introducation
Unit 1 IntroducationTushar Rajput
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS Kathirvel Ayyaswamy
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3 WE-IT TUTORIALS
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network SecurityKathirvel Ayyaswamy
 
Dos unit 5
Dos unit 5Dos unit 5
Dos unit 5JebasheelaSJ
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution MethodsGulcin Yildirim Jelinek
 
network security
network securitynetwork security
network securityBishalWosti1
 
Seminar on ECommerce
Seminar on ECommerce Seminar on ECommerce
Seminar on ECommerce STS
 
Threshold cryptography
Threshold cryptographyThreshold cryptography
Threshold cryptographyMohibullah Saail
 
CISSP Week 21
CISSP Week 21CISSP Week 21
CISSP Week 21jemtallon
 
Key Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemKey Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemMerlin Florrence
 
CISSP Week 20
CISSP Week 20CISSP Week 20
CISSP Week 20jemtallon
 
Key distribution code.ppt
Key distribution code.pptKey distribution code.ppt
Key distribution code.pptPrabhat Kumar
 
Digital signaturepattern 10 30
Digital signaturepattern 10 30Digital signaturepattern 10 30
Digital signaturepattern 10 30Joaquin Ojeda
 
Security
SecuritySecurity
SecurityRaj Kumar Ranabhat
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network SecurityKathirvel Ayyaswamy
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
BAIT1103 Tutorial 7
BAIT1103 Tutorial 7BAIT1103 Tutorial 7
BAIT1103 Tutorial 7limsh
 

More Related Content

What's hot

Unit 1 Introducation
Unit 1 IntroducationUnit 1 Introducation
Unit 1 IntroducationTushar Rajput
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3 WE-IT TUTORIALS
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network SecurityKathirvel Ayyaswamy
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution MethodsGulcin Yildirim Jelinek
 
network security
network securitynetwork security
network securityBishalWosti1
 
Seminar on ECommerce
Seminar on ECommerce Seminar on ECommerce
Seminar on ECommerce STS
 
Threshold cryptography
Threshold cryptographyThreshold cryptography
Threshold cryptographyMohibullah Saail
 
CISSP Week 21
CISSP Week 21CISSP Week 21
CISSP Week 21jemtallon
 
Key Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemKey Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemMerlin Florrence
 
CISSP Week 20
CISSP Week 20CISSP Week 20
CISSP Week 20jemtallon
 
Key distribution code.ppt
Key distribution code.pptKey distribution code.ppt
Key distribution code.pptPrabhat Kumar
 
Digital signaturepattern 10 30
Digital signaturepattern 10 30Digital signaturepattern 10 30
Digital signaturepattern 10 30Joaquin Ojeda
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network SecurityKathirvel Ayyaswamy
 

What's hot (20)

Security
SecuritySecurity
Security
 
RSA Algoritmn
RSA AlgoritmnRSA Algoritmn
RSA Algoritmn
 
Unit 1 Introducation
Unit 1 IntroducationUnit 1 Introducation
Unit 1 Introducation
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS CS6004 CYBER FORENSICS
CS6004 CYBER FORENSICS
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
Dos unit 5
Dos unit 5Dos unit 5
Dos unit 5
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution Methods
 
network security
network securitynetwork security
network security
 
Seminar on ECommerce
Seminar on ECommerce Seminar on ECommerce
Seminar on ECommerce
 
Threshold cryptography
Threshold cryptographyThreshold cryptography
Threshold cryptography
 
CISSP Week 21
CISSP Week 21CISSP Week 21
CISSP Week 21
 
Key Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemKey Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating system
 
CISSP Week 20
CISSP Week 20CISSP Week 20
CISSP Week 20
 
Key distribution code.ppt
Key distribution code.pptKey distribution code.ppt
Key distribution code.ppt
 
Digital signaturepattern 10 30
Digital signaturepattern 10 30Digital signaturepattern 10 30
Digital signaturepattern 10 30
 
Security
SecuritySecurity
Security
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture Notes
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 

Viewers also liked

BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
BAIT1103 Tutorial 7
BAIT1103 Tutorial 7BAIT1103 Tutorial 7
BAIT1103 Tutorial 7limsh
 
BAIT1103 Assignment Presentation
BAIT1103 Assignment PresentationBAIT1103 Assignment Presentation
BAIT1103 Assignment Presentationlimsh
 
BAIT1103 Tutorial 8
BAIT1103 Tutorial 8BAIT1103 Tutorial 8
BAIT1103 Tutorial 8limsh
 
Group Assignment - Internet Security
Group Assignment - Internet SecurityGroup Assignment - Internet Security
Group Assignment - Internet Securitylimsh
 
BAIT1003 Chapter 11
BAIT1003 Chapter 11BAIT1003 Chapter 11
BAIT1003 Chapter 11limsh
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.pptAeman Khan
 

Viewers also liked (7)

BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
BAIT1103 Tutorial 7
BAIT1103 Tutorial 7BAIT1103 Tutorial 7
BAIT1103 Tutorial 7
 
BAIT1103 Assignment Presentation
BAIT1103 Assignment PresentationBAIT1103 Assignment Presentation
BAIT1103 Assignment Presentation
 
BAIT1103 Tutorial 8
BAIT1103 Tutorial 8BAIT1103 Tutorial 8
BAIT1103 Tutorial 8
 
Group Assignment - Internet Security
Group Assignment - Internet SecurityGroup Assignment - Internet Security
Group Assignment - Internet Security
 
BAIT1003 Chapter 11
BAIT1003 Chapter 11BAIT1003 Chapter 11
BAIT1003 Chapter 11
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.ppt
 

Similar to BAIT1103 Chapter 2

Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash functionomarShiekh1
 
Information and network security 41 message authentication code
Information and network security 41 message authentication codeInformation and network security 41 message authentication code
Information and network security 41 message authentication codeVaibhav Khanna
 
Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functionsDr.Florence Dayana
 
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORKUNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORKjeevasreemurali
 
unit - III.pptx
unit - III.pptxunit - III.pptx
unit - III.pptxsandyBS
 
Information and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authenticationInformation and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authenticationVaibhav Khanna
 
Message authentication
Message authenticationMessage authentication
Message authenticationCAS
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSADr.Florence Dayana
 
Message Authentication: MAC, Hashes
Message Authentication: MAC, HashesMessage Authentication: MAC, Hashes
Message Authentication: MAC, HashesShafaan Khaliq Bhatti
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Cryptography and netwrk securityunit 4
Cryptography and netwrk securityunit 4Cryptography and netwrk securityunit 4
Cryptography and netwrk securityunit 4mallikarjun batchanaboina
 
Message auth. code Based on Hash Functions.pptx
Message auth. code Based on Hash Functions.pptxMessage auth. code Based on Hash Functions.pptx
Message auth. code Based on Hash Functions.pptxaribariaz507
 
DataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdfDataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdfkrishnapriya673257
 
Cns
CnsCns
CnsArthyR3
 
final ppt TS.pptx
final ppt TS.pptxfinal ppt TS.pptx
final ppt TS.pptxpaluribalu2001
 
cryptography security
cryptography security cryptography security
cryptography securityZia3130
 
Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network securityMazin Alwaaly
 

Similar to BAIT1103 Chapter 2 (20)

Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash function
 
Information and network security 41 message authentication code
Information and network security 41 message authentication codeInformation and network security 41 message authentication code
Information and network security 41 message authentication code
 
Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functions
 
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORKUNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
 
unit - III.pptx
unit - III.pptxunit - III.pptx
unit - III.pptx
 
Information and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authenticationInformation and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authentication
 
Message authentication
Message authenticationMessage authentication
Message authentication
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Message Authentication: MAC, Hashes
Message Authentication: MAC, HashesMessage Authentication: MAC, Hashes
Message Authentication: MAC, Hashes
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit iv
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit iv
 
CRYPTOGRAPHY & NETWORK SECURITY- Cryptographic Hash Functions
CRYPTOGRAPHY & NETWORK SECURITY- Cryptographic Hash FunctionsCRYPTOGRAPHY & NETWORK SECURITY- Cryptographic Hash Functions
CRYPTOGRAPHY & NETWORK SECURITY- Cryptographic Hash Functions
 
Cryptography and netwrk securityunit 4
Cryptography and netwrk securityunit 4Cryptography and netwrk securityunit 4
Cryptography and netwrk securityunit 4
 
Message auth. code Based on Hash Functions.pptx
Message auth. code Based on Hash Functions.pptxMessage auth. code Based on Hash Functions.pptx
Message auth. code Based on Hash Functions.pptx
 
DataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdfDataCommunication Network - Unit 5.pdf
DataCommunication Network - Unit 5.pdf
 
Cns
CnsCns
Cns
 
final ppt TS.pptx
final ppt TS.pptxfinal ppt TS.pptx
final ppt TS.pptx
 
cryptography security
cryptography security cryptography security
cryptography security
 
Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network security
 

More from limsh

BAIT2164 Topics for Revision
BAIT2164 Topics for RevisionBAIT2164 Topics for Revision
BAIT2164 Topics for Revisionlimsh
 
BAIT2164 Tutorial 9
BAIT2164 Tutorial 9BAIT2164 Tutorial 9
BAIT2164 Tutorial 9limsh
 
BAIT2164 Tutorial 8
BAIT2164 Tutorial 8BAIT2164 Tutorial 8
BAIT2164 Tutorial 8limsh
 
BAIT2164 Tutorial 6 (Part 2)
BAIT2164 Tutorial 6 (Part 2)BAIT2164 Tutorial 6 (Part 2)
BAIT2164 Tutorial 6 (Part 2)limsh
 
BAIT2164 Tutorial 6 (Part 1)
BAIT2164 Tutorial 6 (Part 1)BAIT2164 Tutorial 6 (Part 1)
BAIT2164 Tutorial 6 (Part 1)limsh
 
BAIT2164 Tutorial 5
BAIT2164 Tutorial 5BAIT2164 Tutorial 5
BAIT2164 Tutorial 5limsh
 
BAIT2164 Tutorial 4
BAIT2164 Tutorial 4BAIT2164 Tutorial 4
BAIT2164 Tutorial 4limsh
 
BAIT2164 Tutorial 3
BAIT2164 Tutorial 3BAIT2164 Tutorial 3
BAIT2164 Tutorial 3limsh
 
BAIT2164 Tutorial 2
BAIT2164 Tutorial 2BAIT2164 Tutorial 2
BAIT2164 Tutorial 2limsh
 
BAIT2164 Tutorial 1
BAIT2164 Tutorial 1BAIT2164 Tutorial 1
BAIT2164 Tutorial 1limsh
 
BAIT1103 Chapter 8
BAIT1103 Chapter 8BAIT1103 Chapter 8
BAIT1103 Chapter 8limsh
 
BAIT1103 Chapter 7
BAIT1103 Chapter 7BAIT1103 Chapter 7
BAIT1103 Chapter 7limsh
 
BAIT1103 Tutorial 6
BAIT1103 Tutorial 6BAIT1103 Tutorial 6
BAIT1103 Tutorial 6limsh
 
BAIT1103 Chapter 6
BAIT1103 Chapter 6BAIT1103 Chapter 6
BAIT1103 Chapter 6limsh
 
BAIT1103 Tutorial 5
BAIT1103 Tutorial 5BAIT1103 Tutorial 5
BAIT1103 Tutorial 5limsh
 
BAIT1103 Chapter 5
BAIT1103 Chapter 5BAIT1103 Chapter 5
BAIT1103 Chapter 5limsh
 
BAIT1103 Tutorial 4
BAIT1103 Tutorial 4BAIT1103 Tutorial 4
BAIT1103 Tutorial 4limsh
 
BAIT1103 Chapter 4
BAIT1103 Chapter 4BAIT1103 Chapter 4
BAIT1103 Chapter 4limsh
 
BAIT1103 Tutorial 3
BAIT1103 Tutorial 3BAIT1103 Tutorial 3
BAIT1103 Tutorial 3limsh
 
BAIT1103 Tutorial 2
BAIT1103 Tutorial 2BAIT1103 Tutorial 2
BAIT1103 Tutorial 2limsh
 

More from limsh (20)

BAIT2164 Topics for Revision
BAIT2164 Topics for RevisionBAIT2164 Topics for Revision
BAIT2164 Topics for Revision
 
BAIT2164 Tutorial 9
BAIT2164 Tutorial 9BAIT2164 Tutorial 9
BAIT2164 Tutorial 9
 
BAIT2164 Tutorial 8
BAIT2164 Tutorial 8BAIT2164 Tutorial 8
BAIT2164 Tutorial 8
 
BAIT2164 Tutorial 6 (Part 2)
BAIT2164 Tutorial 6 (Part 2)BAIT2164 Tutorial 6 (Part 2)
BAIT2164 Tutorial 6 (Part 2)
 
BAIT2164 Tutorial 6 (Part 1)
BAIT2164 Tutorial 6 (Part 1)BAIT2164 Tutorial 6 (Part 1)
BAIT2164 Tutorial 6 (Part 1)
 
BAIT2164 Tutorial 5
BAIT2164 Tutorial 5BAIT2164 Tutorial 5
BAIT2164 Tutorial 5
 
BAIT2164 Tutorial 4
BAIT2164 Tutorial 4BAIT2164 Tutorial 4
BAIT2164 Tutorial 4
 
BAIT2164 Tutorial 3
BAIT2164 Tutorial 3BAIT2164 Tutorial 3
BAIT2164 Tutorial 3
 
BAIT2164 Tutorial 2
BAIT2164 Tutorial 2BAIT2164 Tutorial 2
BAIT2164 Tutorial 2
 
BAIT2164 Tutorial 1
BAIT2164 Tutorial 1BAIT2164 Tutorial 1
BAIT2164 Tutorial 1
 
BAIT1103 Chapter 8
BAIT1103 Chapter 8BAIT1103 Chapter 8
BAIT1103 Chapter 8
 
BAIT1103 Chapter 7
BAIT1103 Chapter 7BAIT1103 Chapter 7
BAIT1103 Chapter 7
 
BAIT1103 Tutorial 6
BAIT1103 Tutorial 6BAIT1103 Tutorial 6
BAIT1103 Tutorial 6
 
BAIT1103 Chapter 6
BAIT1103 Chapter 6BAIT1103 Chapter 6
BAIT1103 Chapter 6
 
BAIT1103 Tutorial 5
BAIT1103 Tutorial 5BAIT1103 Tutorial 5
BAIT1103 Tutorial 5
 
BAIT1103 Chapter 5
BAIT1103 Chapter 5BAIT1103 Chapter 5
BAIT1103 Chapter 5
 
BAIT1103 Tutorial 4
BAIT1103 Tutorial 4BAIT1103 Tutorial 4
BAIT1103 Tutorial 4
 
BAIT1103 Chapter 4
BAIT1103 Chapter 4BAIT1103 Chapter 4
BAIT1103 Chapter 4
 
BAIT1103 Tutorial 3
BAIT1103 Tutorial 3BAIT1103 Tutorial 3
BAIT1103 Tutorial 3
 
BAIT1103 Tutorial 2
BAIT1103 Tutorial 2BAIT1103 Tutorial 2
BAIT1103 Tutorial 2
 

Recently uploaded

What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxAshokKarra1
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxnelietumpap1
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYKayeClaireEstoconing
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 

Recently uploaded (20)

What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptx
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptx
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxYOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 

BAIT1103 Chapter 2

  • 2. Objectives • Define the term message authentication code. • List and explain the requirements for a message authentication code • Explain why hash function used for message authentication needs to be secured. • Present an overview of HMAC. • Recap on digital signatures.
  • 3. Every Egyptian received two names, which were known respectively as the true name and the good name, or the great name and the little name; and while the good or little name was made public, the true or great name appears to have been carefully concealed. —The Golden Bough, Sir James George Frazer To guard against the baneful influence exerted by strangers is therefore an elementary dictate of savage prudence. Hence before strangers are allowed to enter a district, or at least before they are permitted to mingle freely with the inhabitants, certain ceremonies are often performed by the natives of the country for the purpose of disarming the strangers of their magical powers, or of disinfecting, so to speak, the tainted atmosphere by which they are supposed to be surrounded. —The Golden Bough, Sir James George Frazer
  • 4. Approaches to Message Authentication • Encryption protects against passive attack (eavesdropping). • A different requirement is to protect against active attack (falsification of data and transactions). • Protection against such attack is known as message authentication.
  • 5. Approaches to Message Authentication • A message, file, document, or other collection of data is said to be authentic when it is genuine and comes from its alleged source. • Message authentication is a procedure that allows communicating parties to verify that received messages are authentic. • Two important aspects: • Verify that the contents of the message have not been altered and that the source is authentic • Verify a message’s timeliness (it has not been artificially delayed and replayed) and sequence relative to other messages flowing between two parties.
  • 6. Approaches to Message Authentication Using conventional encryption • Symmetric encryption alone is not a suitable tool for data authentication • • • We assume that only the sender and receiver share a key, so only the genuine sender would be able to encrypt a message successfully The receiver assumes that no alterations have been made and that sequencing is proper if the message includes an error detection code and a sequence number If the message includes a timestamp, the receiver assumes that the message has not been delayed beyond that normally expected for network transit Without message encryption • An authentication tag is generated and appended to each message for transmission • The message itself is not encrypted and can be read at the destination independent of the authentication function at the destination • Because the message is not encrypted, message confidentiality is not provided
  • 7. Approaches to Message Authentication • • Message authentication is provided as a separate function from message encryption. Three situations in which message authentication without confidentiality is preferable: There are a number of applications in which the same message is broadcast to a number of destinations. • e.g. notification to users that the network is now unavailable and an alarm signal in a control center • It is cheaper and more reliable to have only one destination responsible for monitoring authenticity • Broadcast in plaintext with an associated message authentication tag An exchange in which one side has a heavy load and cannot afford the time to decrypt all incoming messages • Authentication is carried out on a selective basis with messages being chosen at random for checking Authentication of a computer program in plaintext is an attractive service • Computer program can be executed without having to decrypt it every time, which would be wasteful of processor resources • If a message authentication tag were attached to the program, it could be checked whenever assurance is required
  • 8. Approaches to Message Authentication • Message authentication code (MAC) – technique involves the use of a secret key to generate a small block of data that is appended to the message. • Assumes that two communicating parties (e.g. A and B) share a common secret key KAB. When A sends message to B, it calculates the MAC as a function of the message and the key: MACM = F(KAB, M) • The recipient performs the same calculation on the received message, using the same key, to generate new MAC. • The received code is compared to the calculated code.
  • 9.
  • 10. Approaches to Message Authentication • Assume that only the receiver and the sender know the secret key, and if the received code matches the calculated code, the following statements apply: • The receiver is assured that the message has not been altered. If an attacker alters the message but does not alter the code, then the receiver’s calculation of code will differ from the received code. • The receiver is assured that the message is from the alleged sender because no one else knows the secret key, no one else could prepare a message with a proper code. • If the message includes a sequence number, then the receiver can be assured of the proper sequence because an attacker cannot successfully alter the sequence number.
  • 11. One-way Hash Functions • An alternative to MAC • A hash function accepts a variable-size message M as input and produces a fixed-size message digest H(M) as output • Does not take a secret key as input • To authenticate a message, the message digest is sent with the message in such a way that the message digest is authentic Message Hash function algorithm Message Digest
  • 12. (a) The message digest can be encrypted using conventional encryption if it is assumed that only the sender and receiver share the encryption key, then authenticity is assured. (b) The message digest can be encrypted using public-key encryption. The public-key approach has 2 advantages: • • (c) It provides a digital signature as well as message authentication It does not require the distribution of keys to communicating parties A technique uses a hash function but no encryption for message authentication – assuming 2 communicating parties share a common secret value. • Because the secret value itself is not sent, it is not possible for an attacker to modify an intercepted message. • As long as the secret value remains secret, it is also not possible for an attacker to generate false message.
  • 13. Secure Hash Functions • Is important not only in message authentication but in digital signatures • Purpose is to produce a “fingerprint” of a file, message, or other block of data • To be useful for message authentication, a hash function H must have the following properties: 1. 2. • H can be applied to a block of data of any size. • H produces a fixed-length output. 3. • H(x) is relatively easy to compute for any given x, making both hardware and software implementations practical. 4. • For any given code h, it is computationally infeasible to find x such that H(x) = h. A hash function with this property is referred to as one-way or preimage resistant. 5. 6. • For any given block x, it is computationally infeasible to find y x with H(y) = H(x). A hash function with this property is referred to as second preimage resistant. This is sometimes referred to as weak collision resistant. • It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). • A hash function with this property is referred to as collision resistant. This is sometimes referred to as strong collision resistant.
  • 14. Secure Hash Functions • The first 3 properties are requirements for the practical application of a hash function to message authentication. • The 4th property, preimage resistant, is the “one-way” property: It is easy to generate a code given a message, but virtually impossible to generate a message given a code (important if the authentication technique use secret value). • The second preimage resistant property guarantees that it is impossible to find an alternative message with the same hash value as a given message. This prevents forgery when an encrypted hash code is used. • A hash function that satisfies the first 5 properties is referred to as a weak hash function. • If the 6th property is also satisfied, is it referred to as a strong hash function because collision resistant protects against a sophisticated class of attack known as the birthday attack.
  • 15. Examples of secure hash functions usage Unix Passwords: • When the user selects a password p, the system stores H(p) instead of p itself. • When the user later tries to login with password p, the system again computes H(p) and compares it with the stored value. If they are the same, the user is granted access. Integrity of downloaded files: • When I download a file, I would like to check that if I have received it correctly. • The reason is to check if it wasn't accidentally or maliciously corrupted during transmission or it wasn't accidentally or maliciously corrupted on the server. To achieve this, the server can offer me H(f) corresponding to the file f. • I can compute H(f) on the file have received. • If they match, I can assume that the file is correctly transmitted.
  • 16. Security of Hash Functions • There are two approaches to attacking a secure hash function: • Cryptanalysis • Involves exploiting logical weaknesses in the algorithm • Brute-force attack • The strength of a hash function against this attack depends solely on the length of the hash code produced by the algorithm
  • 17. Simple hash functions • All hash functions operate using the following general principles. • The input (message, file, etc.) is viewed as a sequence of n-bit blocks. • The input is processed one block at a time in an iterative fashion to produce an n-bit hash function. • One of the simplest hash functions is the bit-by-bit exclusiveOR (XOR) of every block. • Figure 3.3 illustrates this operation; it produces a simple parity for each bit position and is known as a longitudinal redundancy check.
  • 18.
  • 19. The sha Secure Hash function • Secure Hash Algorithm (SHA) was developed by National Institute of Standards and Technology (NIST) and published as a federal information processing standard (FIPS 180) in 1993 • Virtually every other widely used hash function had been found to have substantial cryptanalytic weaknesses, SHA was more or less the last remaining standardized hash algorithm by 2005 • Was revised in 1995 as SHA-1 and published as FIPS 180-1 • The actual standards document is entitled “Secure Hash Standard” • Based on the hash function MD4 and its design closely models MD4 • SHA-1 produces 160-bit hash values • In 2005 NIST announced the intention to phase out approval of SHA-1 and move to a reliance on SHA-2 by 2010
  • 20. Table 3.1 Comparison of SHA Parameters Note: All sizes are measured in bits.
  • 21. • The algorithm takes as input a message with a maximum length of less than 2128 bits and produces as output a 512-bit message digest. • The input is processed in 1024-bit blocks. • Figure 3.4 depicts the overall processing of a message to produce a digest.
  • 22. • The heart of the algorithm is a module that consists of 80 rounds; this module is labeled F in Figure 3.4. • The logic is illustrated in Figure 3.5. • The SHA-512 algorithm has the property that every bit of the hash code is a function of every bit of the input. • The complex repetition of the basic function F produces results that are well mixed; that is, it is unlikely that two messages chosen at random, even if they exhibit similar regularities, will have the same hash code.
  • 23. Sha-3 2. SHA-3 must preserve the online nature of SHA-2. That is, the algorithm must process comparatively small blocks (512 or 1024 bits) at a time instead of requiring that the entire message be buffered in memory before processing it. 1. It must be possible to replace SHA-2 with SHA-3 in any application by a simple drop-in substitution. Therefore, SHA-3 must support hash value lengths of 224, 256, 384, and 512 bits. Basic requirements that must be satisfied by any candidate for SHA-3
  • 24. HMAC • There has been an increased interest in developing a MAC derived from a cryptographic hash code, such as SHA-1 • Cryptographic hash functions generally execute faster in software than conventional encryption algorithms such as DES • Library code for cryptographic hash functions is widely available • A hash function such as SHA-1 was not designed for use as a MAC and cannot be used directly for that purpose because it does not rely on a secret key • There have been a number of proposals for the incorporation of a secret key into an existing hash algorithm • The approach that has received the most support is HMAC HMAC • Has been issued as RFC 2104 • Has been chosen as the mandatory-to-implement MAC for IP Security • Is used in other Internet protocols, such as Transport Layer Security (TLS) and Secure Electronic Transaction (SET)
  • 25. HMAC Design Objectives • To use, without modifications, available hash functions --- in particular, hash functions that perform well in software, and for which code is freely and widely available • To allow for easy replaceability of the embedded hash function in case faster or more secure hash functions are found or required • To preserve the original performance of the hash function without incurring a significant degradation • To use and handle keys in a simple way • To have a well understood cryptographic analysis of the strength of the authentication mechanism based on reasonable assumptions on the embedded hash function
  • 26.
  • 27. HMAC Structure Secret Key, K Inner Padding K1 + pad K2 + pad K2 + pad Message Outer Padding Hash1 K1 + pad Hash2 HMAC Hash1
  • 28. Digital signatures • Digital Signature Standard (DSS) – use SHA-1 and presents a new digital signature technique called the Digital Signature Algorithm (DSA). • Originally proposed in 1991 and revised in 1993 and again in 1996 • Uses an algorithm that is designed to provide only the digital signature function • Cannot be used for encryption or key exchange but used for authenticating both source and data integrity • Created by encrypting message with private key – entire encrypted message serves as a digital signature
  • 29. Digital signatures • Important to emphasize that the encryption process does not provide confidentiality • Message being sent is safe from alteration but not safe from eavesdropping • This is obvious in the case of a signature based on a portion of the message, because the rest of the message is transmitted in the clear. • Even in the case of complete encryption, there is no protection of confidentiality because any observer can decrypt the message by using the sender’s public key.
  • 30. Summary • Approaches to message authentication • Authentication using conventional encryption • Message authentication without message encryption • Secure hash functions • Hash function requirements • Security of hash functions • Simple hash functions • The SHA secure hash function SHA-3 • Message authentication codes • HMAC • Digital Signatures