Message Authentication Codes

The document discusses various methods of authentication, including message encryption, message authentication codes (MAC), and hash functions. It explains symmetric and public-key encryption techniques for ensuring confidentiality and authentication, as well as the requirements for digital signatures. Additionally, it covers error control methods and the digital signature process, emphasizing the importance of verification and security in message authentication.

Uploaded by

fehopox550

Message Authentication Codes
What is authentication?
• Verification of user Identity
• Types of Authentication
1. Message Encryption
2. Message Authentication Code
3. Hash function
Message Encryption
• Conversion of plaintext (PT) to ciphertext (CT); the CT acts as the authenticator

Message Authentication Code


• C(M, K) = code, i.e. a fixed-length code, the MAC

Hash Function
• A hash function does not depend on a key; otherwise it is similar to a MAC
Types of authentication
Symmetric Encryption: confidentiality and authentication (Method 1)

• A message transmitted from source A to destination B is encrypted using a secret key shared by A and B.
• If no other party knows the key, then confidentiality is provided.
• B is assured that the message was generated by A. Why? The message must have come
from A, because A is the only other party that possesses and therefore the only other
party with the information necessary to construct ciphertext that can be decrypted with .
• If PT is recovered, B knows that none of the bits of have been altered, because an
opponent that does not know would not know how to alter bits in the ciphertext to
produce the desired changes in the plaintext.
Public-key encryption: Confidentiality (Method 2)

• The source (A) uses the public key of the destination (B) to encrypt .
• Because only B has the corresponding private key , only B can decrypt the
message.
• This scheme provides no authentication, because any opponent could also
use B’s public key to encrypt a message and claim to be A.
Public-key encryption: Authentication and Signature (No Confidentiality) (Method 3)

• A uses its private key to encrypt the message, and B uses A’s public key to
decrypt.
• The message must have come from A because A is the only party that possesses
and therefore the only party with the information necessary to construct
ciphertext that can be decrypted with .
• In effect, A has “signed” the message by using its private key to encrypt
• Anyone in possession of A’s public key can decrypt the ciphertext.
Public-key encryption: confidentiality, authentication, and signature (Method 4)

• A can encrypt first using its private key, which provides the
digital signature, and then using B’s public key, which provides
confidentiality.
• The disadvantage of this approach is that the public-key
algorithm, which is complex, must be exercised four times
rather than two in each communication.
Internal Error Control
External error control
Message Authentication Code
Message authentication and confidentiality;
authentication tied to plaintext
Message authentication and confidentiality;
authentication tied to ciphertext
Hash Function
HMAC Algorithm
SHA 512
MACs Based on Hash Functions: HMAC
[Figure: HMAC structure with SHA-512. Labels: 1024 bits; 512; 512 with padding]
• K+ can be of any length; if it is less than 1024 bits, append 0's so that it becomes 1024 bits (key size).
• ipad is 00110110 (36 in hexadecimal) repeated b/8 times, i.e. 1024/8 = 128 times.
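The HMAC-SHA-512 construction from the figure notes above, written out as an added example (not from the original slides): K+ is zero-padded to b = 1024 bits and XORed with ipad before the inner hash. The outer pad value 0x5C and the rule of hashing keys longer than one block come from RFC 2104, not from this page; the key, messages and function names are constructed for the demo.

```python
import hashlib
import hmac

BLOCK_BYTES = 1024 // 8                  # b = 1024 bits for SHA-512 -> 128 bytes
IPAD = bytes([0x36]) * BLOCK_BYTES       # 00110110 repeated b/8 = 128 times
OPAD = bytes([0x5C]) * BLOCK_BYTES       # outer pad per RFC 2104 (not on the page)


def pad_key(key: bytes) -> bytes:
    """Build K+: the key brought to exactly one 1024-bit block."""
    if len(key) > BLOCK_BYTES:           # RFC 2104: hash over-long keys first
        key = hashlib.sha512(key).digest()
    return key.ljust(BLOCK_BYTES, b"\x00")   # append 0's up to 1024 bits


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hmac_sha512(key: bytes, message: bytes) -> bytes:
    k_plus = pad_key(key)
    inner = hashlib.sha512(xor(k_plus, IPAD) + message).digest()  # 512-bit inner hash
    return hashlib.sha512(xor(k_plus, OPAD) + inner).digest()     # 512-bit MAC


def reference_tag(key: bytes, message: bytes) -> bytes:
    """Standard-library HMAC, used only to cross-check the manual version."""
    return hmac.new(key, message, hashlib.sha512).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(hmac_sha512(key, message), tag)


if __name__ == "__main__":
    key, msg = b"constructed-demo-key", b"pay 100 to account 42"  # constructed samples
    tag = hmac_sha512(key, msg)
    print(tag.hex())
    print("matches stdlib:", tag == reference_tag(key, msg))
    print("tampered accepted:", verify_tag(key, b"pay 900 to account 42", tag))
```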
Assignment No: 2
1. Explain Internal and External Error control Message authentication
function.
2. With respect to security of MACs explain Brute force attack and
Cryptanalysis attack.
3. What are the requirements for a Message Authentication Code?
Digital Signature

• Generic Model of Digital Signature Process


The digital signature must have the following
properties:
• It must verify the author and the date and time of the signature.
• It must authenticate the contents at the time of the signature.
• It must be verifiable by third parties, to resolve disputes
• Simplified Depiction of Essential Elements of Digital Signature Process
DSS Approach
DSS Verifying & Signing
Digital Signature Requirements
• The signature must be a bit pattern that depends on the message
being signed.
• The signature must use some information unique to the sender to
prevent both forgery and denial.
• It must be relatively easy to produce the digital signature.
• It must be relatively easy to recognize and verify the digital signature.
• It must be computationally infeasible to forge a digital signature,
either by constructing a new message for an existing digital signature or
by constructing a fraudulent digital signature for a given message.
• It must be practical to retain a copy of the digital signature in
storage.
Global Component Signing Process

• p is a prime number
$2^{l-1} < p < 2^{l}$
l → length in bits (PT)

• q → prime divisor of (p−1); e.g. p = 17, p − 1 = 16, then 2 is the prime divisor

• g → global component

• $g = h^{(p-1)/q} \bmod p$, where h is any integer with $1 < h < p-1$


User Private key - Signing Process
• x → any random number, $0 < x < q$

User Public key - Signing Process


• $y = g^{x} \bmod p$

Choose K value - Signing Process


• k is any integer, $0 < k < q$
Signing Process

• $s = [k^{-1}(H(M) + x \cdot r)] \bmod q$, where H(M) is the hash value of the message

• $r = (g^{k} \bmod p) \bmod q$


• $v = [(g^{u_1} \cdot y^{u_2}) \bmod p] \bmod q$

• $u_1 = [H(M')\, w] \bmod q$


• $w = (s')^{-1} \bmod q$
• $u_2 = [r'\, w] \bmod q$
