Chapter 11 Message Integrity & Authentication

Uploaded by

seyic27274
Message Integrity and Message Authentication

Objectives

❏ To define message integrity
❏ To define message authentication
❏ To define criteria for a cryptographic hash function
❏ To distinguish between an MDC and a MAC
❏ To discuss some common MACs

11-1 MESSAGE INTEGRITY

The cryptography systems that we have studied so far provide secrecy, or confidentiality, but not integrity. However, there are occasions where we may not even need secrecy but instead must have integrity.

Topics discussed in this section:
11.1 Document and Fingerprint
11.2 Message and Message Digest
11.3 Difference
11.4 Checking Integrity
11.5 Cryptographic Hash Function Criteria

Document and Fingerprint

One way to preserve the integrity of a document is through the use of a fingerprint. If Alice needs to be sure that the contents of her document will not be changed, she can put her fingerprint at the bottom of the document.

Message and Message Digest

The electronic equivalent of the document and fingerprint pair is the message and digest pair. To preserve the integrity of a message, the message is passed through an algorithm called a cryptographic hash function.

Figure 11.1 Message and digest


Difference

The two pairs (document / fingerprint) and (message / message digest) are similar, with some differences. The document and fingerprint are physically linked together. The message and message digest can be unlinked (or sent) separately, and, most importantly, the message digest needs to be safe from change.

The message digest needs to be safe from change.


Checking Integrity

Figure 11.2 Checking integrity


Cryptographic Hash Function Criteria

A cryptographic hash function must satisfy three criteria: preimage resistance, second preimage resistance, and collision resistance.

Figure 11.3 Criteria of a cryptographic hash function


11.1.5 Continued

Preimage Resistance

Figure 11.4 Preimage


11.1.5 Continued

Example 11.2

Can we use a checksum function as a cryptographic hash function?

Solution
We cannot. A checksum function is not preimage resistant; Eve may find several messages whose checksum matches the given one.

11.1.5 Continued

Second Preimage Resistance

Figure 11.5 Second preimage


11.1.5 Continued

Collision Resistance

Figure 11.6 Collision


11-3 MESSAGE AUTHENTICATION

A message digest does not authenticate the sender of the message. To provide message authentication, Alice needs to provide proof that it is Alice sending the message and not an impostor. The digest created by a cryptographic hash function is normally called a modification detection code (MDC). What we need for message authentication is a message authentication code (MAC).

Topics discussed in this section:
11.3.1 Modification Detection Code (MDC)
11.3.2 Message Authentication Code (MAC)
11.3.1 Modification Detection Code (MDC)

A modification detection code (MDC) is a message digest that can prove the integrity of the message: that the message has not been changed.

If Alice needs to send a message to Bob and be sure that the message will not change during transmission, Alice can create a message digest, MDC, and send both the message and the MDC to Bob. Bob can create a new MDC from the message and compare the received MDC and the new MDC. If they are the same, the message has not been changed.

11.3.1 Continued

Figure 11.9 Modification detection code (MDC)


11.3.2 Message Authentication Code (MAC)

Figure 11.10 Message authentication code


11.3.2 Continued

Note
The security of a MAC depends on the security of the
underlying hash algorithm.
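
The MDC and MAC checks described above, side by side, as an added example that is not part of the original slides. It assumes SHA-256 as the hash function and HMAC-SHA256 as the MAC; the key, the messages, and all function names are constructed for illustration.

```python
import hashlib
import hmac


def make_mdc(message: bytes) -> bytes:
    """MDC: keyless digest, so anyone who holds the message can compute it."""
    return hashlib.sha256(message).digest()


def check_mdc(message: bytes, mdc: bytes) -> bool:
    """Bob's MDC check: recompute the digest and compare."""
    return hmac.compare_digest(make_mdc(message), mdc)


def make_mac(key: bytes, message: bytes) -> bytes:
    """MAC: keyed digest. HMAC, a standardized nested MAC, is the assumed choice."""
    return hmac.new(key, message, hashlib.sha256).digest()


def check_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Bob's MAC check: recompute the tag with the shared key and compare."""
    return hmac.compare_digest(make_mac(key, message), tag)


def demo() -> dict:
    # Constructed sample values, not taken from the slides.
    key = b"constructed-shared-key-alice-bob"
    sent = b"Transfer 10 to Carol"
    altered = b"Transfer 1000 to Eve"

    mdc, tag = make_mdc(sent), make_mac(key, sent)
    # On an insecure channel the message can be altered and the keyless
    # digest recomputed to match; the keyed tag cannot be recomputed.
    altered_mdc = make_mdc(altered)

    return {
        "intact message, MDC": check_mdc(sent, mdc),
        "altered message, MDC sent on same channel": check_mdc(altered, altered_mdc),
        "altered message, MDC kept safe from change": check_mdc(altered, mdc),
        "intact message, MAC": check_mac(key, sent, tag),
        "altered message, original MAC tag": check_mac(key, altered, tag),
        "altered message, keyless digest as tag": check_mac(key, altered, altered_mdc),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

Only the MDC that travels with the message over the same channel accepts the altered message; keeping the digest safe from change, or keying it, makes Bob's check reject it.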
11.3.2 Continued

Nested MAC
Figure 11.11 Nested MAC
11.3.2 Continued

Figure 11.13 CMAC
