Scribd
Upload
7 views5 pages

Message Authentication Code

The document discusses Message Authentication Code (MAC) and Digital Signatures as cryptographic techniques for ensuring message integrity, authenticity, and non-repudiation in secure communications. MAC uses a shared secret key to verify message authenticity, while digital signatures leverage asymmetric cryptography for secure authentication. Both techniques are essential in various applications, including secure messaging, data encryption, and integrity assurance in electronic transactions.

Uploaded by

Moon M
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
7 views5 pages

Message Authentication Code

The document discusses Message Authentication Code (MAC) and Digital Signatures as cryptographic techniques for ensuring message integrity, authenticity, and non-repudiation in secure communications. MAC uses a shared secret key to verify message authenticity, while digital signatures leverage asymmetric cryptography for secure authentication. Both techniques are essential in various applications, including secure messaging, data encryption, and integrity assurance in electronic transactions.

Uploaded by

Moon M
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

Message Authentication Code

Secure communication over networks requires ensuring that messages are


not altered and originate from a legitimate sender. During transmission,
messages may be affected by malicious attacks or accidental changes,
such as noise. To address this issue, a cryptographic technique called
Message Authentication Code (MAC) is used.
 Message Authentication Code (MAC) verifies message integrity and
authenticity using a cryptographic technique.
 The sender and receiver share a secret key to generate an
authentication value.
 Sender creates a MAC value from the message and the key, then sends
both together.
 The receiver recomputes MAC, and matching values confirm
authenticity and no alteration.

Components of MAC

 Message (M): Original data to be transmitted.


 Key (k): Secret key shared between sender and receiver.
 MAC Algorithm: A function used to generate a MAC value.
 MAC Value (Tag): Fixed-size output used for verification.

Working of MAC

 Sender takes message M and secret key k.


 MAC algorithm generates a MAC value.
 Sender transmits (M, MAC).
 The receiver computes the MAC using the received message.
 The receiver compares both MAC values.
 If equal → Message is authentic.
 If not equal → Message is rejected.
Models of Message Authentication Code
There are different types of models of Message Authentication Code (MAC)
as follows:
1. MAC without encryption - This model can provide authentication but
not confidentiality as anyone can see the message.
2 Internal Error Code - In this model of MAC, sender encrypts the
content before sending it through network for confidentiality. Thus this
model provides confidentiality as well as authentication.

3External Error Code - For cases when there is an alteration in message,


we decrypt it for waste, to overcome that problem, we opt for external error
code. Here we first apply MAC on the encrypted message 'c' and compare
it with received MAC value on the receiver's side and then decrypt 'c' if they
both are same, else we simply discard the content received. Thus it saves
time.

Advantages
 Ensures message integrity by detecting any modification.
 Verifies authenticity of sender using shared secret key.
 Faster and more efficient compared to full encryption methods.
 Widely used across network security protocols.
 Provides simple and reliable method for message validation.
Limitations
 Does not provide confidentiality if used alone.
 Requires secure method for key sharing between parties.
 Weak algorithms increase risk of compromise.
 Cannot prevent replay attacks without additional controls.
 Key management becomes challenging in large systems.
Applications
 Used in secure communication protocols such as SSL/TLS.
 Supports API authentication for validating requests.
 Works alongside digital signatures for enhanced security.
 Protects banking and financial transactions from tampering.
 Ensures data integrity during transmission and storage.

Digital Signature
A digital signature is a cryptographic technique used to verify
the authenticity, integrity, and non-repudiation of a digital message or
document. It ensures that the message was created by a known sender
and that it has not been altered during transmission.

Key Components of Digital Signature

1. Key Generation Algorithm


Digital signatures use asymmetric cryptography, which involves a pair of
keys:
 Private Key: Kept secret by the owner and used to create the signature.
 Public Key: Shared with others and used to verify the signature.
This key pair ensures secure authentication during digital transactions.
2. Signing Algorithm
To create a digital signature:
1. A hash function is applied to the original message to generate a fixed-
length value called a message digest.
2. This message digest is then encrypted using the sender’s private
key.
3. The encrypted hash value forms the digital signature.
Instead of encrypting the entire message, only the hash is encrypted
because:
 Hash values are much shorter
 Hashing is faster than encryption
 It improves efficiency without reducing security
3. Signature Verification Algorithm
At the receiver’s side:
1. The digital signature is decrypted using the sender’s public key,
producing the original message digest.
2. The receiver independently computes the hash of the received message
using the same hash function.
3. Both hash values are compared:
 If they match → signature is valid
 If they differ → message integrity is compromised

Cryptography - Applications
In real life cryptography plays an important role. Cryptography is just all about
keeping our data or messages secure so only the intended person who sends it
and the one who is receiving the data or message can understand it. It is mostly
about encryption which means changing normal text into cipher text or in
encoded form and then changing it back to its normal form when received. Also,
cryptography is hiding information in pictures with the help of methods like
digital signature or blending it in.

Cryptography is mostly used to make messages secret when we send messages


to somebody. Here the simple thing is when we send the message to someone it
will get encrypted and when the person receives the message the message will
get decrypted so the person can read that message. So this is a very simple and
basic example and application of Cryptography. In this tutorial we will see
various applications of cryptography and how they use cryptography in our daily
lives.

Secure Messaging/Transmission

Secure messaging means sending messages, emails and files in such a way that
it will be received safely without being hacked or modified by the hackers. This
is very important as we do not want anyone else to read the private information
or see the sensitive information.

Storage/Data Encryption

Data encryption is just like keeping the information in a box which is locked and
before sending it via the internet or saving it in the device. It basically keeps our
sensitive data secure from hackers.

Integrity

Now we will discuss Integrity in secure transmission/messaging and secure data


storage.
Secure Transmission/Messaging

Some network users are not as concerned about privacy as they are about
integrity. In electronic funds transfers, funds transferred from one account to
another are usually in the public domain.

If a working tapper can produce fake transfers, money can be distributed


illegally. Inaccuracies in individual bits can result in millions of dollars in
incorrect credits or debits. Encryption techniques are often used to ensure that
intentional or accidental manipulation of data transmissions will not reflect
innocent behavior.

Secure Data Storage

The main reason for assuring the integrity of stored data is access control.
Access measures include lock and key systems, guards, and other physical or
logical measures.

With the recent advent of computer viruses this has changed dramatically, the
use of cryptographic checksums to ensure the integrity of encrypted data is
becoming more widespread.

You might also like