COMPUTER AND Dr. A. M.

Miyim
Faculty of Computing
NETWORK SECURITY Federal University Dutse
OTHER ASPECTS OF SECURITY
Cryptography systems that we have studied so far provide confidentiality.
However, in modern communication, we need to take care of other
aspects of security, such as integrity, message and entity authentication,
nonrepudiation and key management.
Message Integrity: There are occasions where we may not even need
secrecy but instead must have integrity where the message remain
unchanged.
For example, Alice may write a will to distribute her estate upon her
death. The will does not need to be encrypted. After her death, any-one
can examine the will. The integrity of the will, however, needs to be
preserved. Alice does not want the contents of the will to be changed.
MESSAGE AND MESSAGE
DIGEST
One way to preserve the integrity of a document is through the use of a fingerprint.
If Alice needs to be sure that the contents of her document will not be changed, she
can put her fingerprint at the bottom of the document.
Eve cannot modify the contents of this document or create a false document because
she cannot forge Alice’s fingerprint.
To ensure that the document has not been changed, Alice’s fingerprint on the
document can be compared to Alice’s fingerprint on file. If they are not the same, the
document is not from Alice.
The electronic equivalent of the document and fingerprint pair is the message and
digest pair.
To preserve the integrity of a message, the message is passed through an algorithm
called a cryptographic hash function.
The function creates a compressed image of the message, called a digest, that can be
used like a fingerprint.
To check the integrity of a message or document, Bob runs the cryptographic hash
function again and compares the new digest with the previous one. If both are the
same, Bob is sure that the original message has not been changed.
MESSAGE AND MESSAGE
DIGEST CONT..
HASH FUNCTIONS
A cryptographic hash function takes a message of arbitrary length and
creates a message digest of fixed length.
All cryptographic hash functions need to create a fixed-size digest out of
a variable-size message.
Creating such a function is best accomplished using iteration.
Instead of using a hash function with variable-size input, a function with
fixed-size input is created and is used a necessary number of times.
The fixed-size input function is referred to as a compression function.
It compresses an n-bit string to create an m-bit string where n is normally
greater than m.
The scheme is referred to as an iterated cryptographic hash function.
Several hash algorithms were designed by Ron Rivest.
These are referred to as MD2, MD4, and MD5, where MD stands for
Message Digest.
The last version, MD5, is a strengthened version of MD4 that divides the
message into blocks of 512 bits and creates a 128-bit digest. It turns
out, however, that a message digest of size 128 bits is too small to
resist attack.
In response to the insecurity of MD hash algorithms, the Secure Hash
Algorithm was invented.
The Secure Hash Algorithm (SHA) is a standard that was developed by
the National Institute of Standards and Technology (NIST). SHA has gone
through several versions.
MESSAGE AUTHENTICATION
A digest can be used to check the integrity of a message—that the
message has not been changed.
To ensure the integrity of the message and the data origin
authentication—that Alice, not somebody else, is the originator of
the message—we need to include a secret shared by Alice and Bob
(that Eve does not possess) in the process; we need to create a
message authentication code (MAC).
MESSAGE AUTHENTICATION
CODE
PROCEDURE
Alice uses a hash function to create a MAC from the concatenation of the key
and the message, h(K + M).
She sends the message and the MAC to Bob over the insecure channel.
Bob separates the message from the MAC. He then makes a new MAC from the
concatenation of the message and the secret key.
Bob then compares the newly created MAC with the one received. If the two
MACs match, the message is authentic and has not been modified by an
adversary.
Note that there is no need to use two channels in this case. Both the message
and the MAC can be sent on the same insecure channel.
Eve can see the message, but she cannot forge a new message to replace it
because Eve does not possess the secret key between Alice and Bob. She is
unable to create the same MAC that Alice did.
A MAC provides message integrity and message authentication using a
combination of a hash function and a secret key.
HMAC
The National Institute of Standards and Technology (NIST) has
issued a standard for a nested MAC that is often referred to as
HMAC (hashed MAC). The implementation of HMAC is much more
complex than the simplified MAC.
DIGITAL SIGNATURE
Another way to provide message integrity and message authentication (and some
more security services) is a digital signature.
A MAC uses a secret key to protect the digest; a digital signature uses a pair of
private-public keys We are all familiar with the concept of a signature.
A person signs a document to show that it originated from her or was approved by
her. The signature is proof to the recipient that the document comes from the
correct entity.
When a customer signs a check, the bank needs to be sure that the check is issued
by that customer and nobody else.
In other words, a signature on a document, when verified, is a sign of
authentication⎯the document is authentic.
When Alice sends a message to Bob, Bob needs to check the authenticity of the
sender; he needs to be sure that the message comes from Alice and not Eve.
Bob can ask Alice to sign the message electronically. In other words, an electronic
signature can prove the authenticity of Alice as the sender of the message.
We refer to this type of signature as a digital signature.
COMPARISON BETWEEN CONVENTIONAL AND
DIGITAL
Type
SIGNATURE
of Conventional Digital
Signature
Inclusion A conventional signature is part But when we sign a document digitally,
of the document as it is included we send the signature as a separate
in the document. document.
Verification For a conventional signature, For a digital signature, the recipient
Method signature on the document are receives the message and the
compared with the signature on signature. A copy of the signature is not
file when recipient receives a stored anywhere. The recipient needs to
document to ensure If they are apply a verification technique to the
the same for authentiity. combination of the message and the
signature to verify the authenticity.
Relationship For a conventional signature, For a digital signature, there is a one-to-
there is normally a one-to-many one relationship between a signature
relationship between a signature and a message. Each message has its
and documents. A person uses own signature. The signature of one
the same signature to sign many message cannot be used in another
documents. message.
Duplicity With a conventional signature, a With a digital signature, there is no such
copy of the signed document distinction unless there is a factor of
can be distinguished from the time (such as a timestamp) on the
original one on file. document. For example, suppose
someone sends a document instructing
 THE DIGITAL SIGNATURE
PROCESS
 The Figure shows the digital
signature process where the sender
uses a signing algorithm to sign the
message. The message and the
signature are sent to the receiver.
 The receiver receives the message
and the signature and applies the
verifying algorithm to the
combination. If the result is true, the
message is accepted; otherwise, it is
rejected.
 A conventional signature, the signer
uses it to sign documents; no one
Can we use a secret (symmetric) key to both sign and verify a
else has this signature. The copy of
signature? The answer is negative for several reasons.
the signature on file is like a public
(i) First, a secret key is known by only two entities (Alice and
Bob, for example). So if Alice needs to sign another document key; anyone can use it to verify a
and send it to Ted, she needs to use another secret key. document, to compare it to the
(ii) Second, creating a secret key for a session involves original signature.
authentication, which uses a digital signature. We have a  In a digital signature, the signer uses
vicious cycle. his/her private key, applied to a
(iii) Third, Bob could use the secret key between himself and signing algorithm, to sign the
SIGNING THE DIGEST
 In a digital signature system, the messages are
normally long, but we have to use asymmetric-
key schemes. The solution is to sign a digest of
the message, which is much shorter than the
message.
 A carefully selected message digest has a one-
to-one relationship with the message. The
sender can sign the message digest and the
 Areceiver
digest can verifyout
is made theof message digest.
the message at The
the
effect is the same.
sender’s site. The digest then goes through the
signing process using the sender’s private key.
 The sender then sends the message and the
signature to the receiver.
 At the receiver’s site, using the same public hash
function, a digest is first created out of the
received message. The verifying process is
applied.
 If authentic, the message is accepted; otherwise,
 SERVICES
As discussed, several security services including message confidentiality, message
authentication, message integrity, and nonrepudiation, a digital signature can directly
provide the last three; for message confidentiality we still need encryption/decryption.
Message Authentication: A secure digital signature scheme, like a secure
conventional signature (one that cannot be easily copied) can provide message
authentication (also referred to as data-origin authentication). A receiver can verify that
the message is sent by a sender because the sender’s public key is used in verification.
However, the sender’s public key cannot verify the signature signed by the third party’s
private key.
Message Integrity: The integrity of the message is preserved if we sign the message or
the digest of the message because we cannot get the same digest if any part of the
message is changed. The digital signature schemes today use a hash function in the
signing and verifying algorithms that preserves the integrity of the message.
Nonrepudiation: If Alice (sender) signs a message and then denies it, can Bob
(receiver) later prove that Alice actually signed it? One solution is a trusted third party.
People can create and establish trusted party among themselves so that a trusted party
can prevent the message sender from denying sending such message.
Confidentiality: A digital signature does not provide confidential communication. If
confidentiality is required, the message and the signature must be encrypted using either
a symmetric-key or an asymmetric-key cipher.