3. Message Authentication
Encryption protects against passive attack (eavesdropping)
Falsification of data and transaction can be against active attack.
Message authentication protects against active attacks.
Message authentication is a procedure to allow parties to
verify that received message is authentic (content is not altered
and source is authentic).
4. Message Authentication …
Message authentication is concerned with :
◦ protecting the integrity of a message (or data)
◦ validating identity of originator
◦ non-repudiation of origin (dispute resolution)
How to achieve it :
◦ With message encryption
◦ Encrypt the whole message with symmetric key encryption (not suitable , for example, may change
the block sequence in transmission which causes to have different data)
◦ Without message encryption (is not provides)
◦ Message authentication code (MAC)
◦ One-way hash function
5. Message Authentication Code
A secret key is used to generate small block of data,
knows as a message authentication mode (MCA).
Key makes the technique more secure (altering the
message and recreating the MAC in the middle!).
Solution: NIST recommends to use DES algorithm
on the message and then use the last 16 or 32 bit of
ciphertext as MAC.
7. One-way Hash Function
Hash function: A transformation of a message of
arbitrary length into a fixed-length number
◦ h = H (M)
◦ No secret key
Hash function creates a fingerprint (message digest) of
◦ Used to detect changes to message
◦ usually assume hash function is public
◦ one-way property
◦ collision free (no same hash for two different data)
◦ cyclic redundancy check (CRC)
◦ XOR of every block of message
Good for data integrity, but useless for security
9. Simple Insecure Hash Functions
Bit-by-bit exclusive-OR (XOR) of every block
◦ Ci = bi1 xor bi2 xor . . . xor bim
One-bit circular shift on hash value
◦ rotate current hash value to left by 1bit and XOR block