Scribd
Upload
15 views25 pages

Message Authentication & Hash Functions

The document discusses message integrity and authentication, focusing on concepts such as message authentication codes (MAC), cryptographic hash functions, and digital signatures. It explains the processes involved in generating hash values, the role of SHA-512, and the differences between conventional and digital signatures. Additionally, it outlines the importance of message authentication in ensuring data integrity and the limitations of asymmetric systems in digital signatures.

Uploaded by

Samrudhi Patil
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
15 views25 pages

Message Authentication & Hash Functions

The document discusses message integrity and authentication, focusing on concepts such as message authentication codes (MAC), cryptographic hash functions, and digital signatures. It explains the processes involved in generating hash values, the role of SHA-512, and the differences between conventional and digital signatures. Additionally, it outlines the importance of message authentication in ensuring data integrity and the limitations of asymmetric systems in digital signatures.

Uploaded by

Samrudhi Patil
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd

Message Integrity and

message Authentication

Module 4
Topics
• Message authentication codes (MAC),
• Hash functions,
• SHA-512,
• digital signatures
Cryptographic Hash Functions
• A hash function maps a variable-length message into a fixed-length
hash value, or message digest.
• Virtually all cryptographic hash functions involve the iterative use of a
compression function.
• The compression function used in secure hash algorithms falls into
one of two categories: a function specifically designed for the hash
function or an algorithm based on a symmetric block cipher. SHA and
Whirlpool are examples of these two approaches, respectively.
Hash Function
• A hash function H accepts a variable-length block of data as input and
produces a fixed-size hash value .
• A “good” hash function has the property that the results of applying
the function to a large set of inputs will produce outputs that are
evenly distributed and apparently random.
Applications of Cryptographic Hash
Functions
• Message Authentication (message authentication code (MAC), also
known as a keyed hash function.)
• Digital Signatures
• Intrusion detection
• Virus detection
Message Authentication
• Message authentication is a mechanism or service used to verify the
integrity of a message.
• Message authentication assures that data received are exactly as sent
(i.e., contain no modification, insertion, deletion, or replay)
a. The message plus concatenated hash code is
encrypted using symmetric encryption. Because only A
and B share the secret key, the message must have
come from A and has not been altered.

b. Only the hash code is encrypted, using symmetric


encryption. This reduces the processing burden for
those applications that do not require confidentiality.

c. It is possible to use a hash function but no encryption


for message authentication. The technique assumes that
the two communicating parties share a common
secret value S

d. Confidentiality can be added to the approach of


method (c) by encrypting the
entire message plus the hash code.
MAC
• MACs are used between two parties that share a secret key to authenticate
information exchanged between those parties.
• A MAC function takes as input a secret key and a data block and produces a
hash value, referred to as the MAC.
• This can then be transmitted with or stored with the protected message.
• If the integrity of the message needs to be checked, the MAC function can be
applied to the message and the result compared with the stored MAC value.
• An attacker who alters the message will be unable to alter the MAC value
without knowledge of the secret key.
• Note that the verifying party also knows who the sending party is because no
one else knows the secret key.
MAC
• A message authentication code (MAC) is an algorithm that requires the use
of a secret key.
• A MAC takes a variable-length message and a secret key as input and
produces an authentication code.
• A recipient in possession of the secret key can generate an authentication
code to verify the integrity of the message.
• One means of forming a MAC is to combine a cryptographic hash function
in some fashion with a secret key.
• Another approach to constructing a MAC is to use a symmetric block cipher
in such a way that it produces a fixed-length output for a variable length
input.
MAC
• An alternative authentication technique involves the use of a secret
key to generate a small fixed-size block of data, known as a
cryptographic checksum or MAC, that is appended to the message.
This technique assumes that two communicating parties, say A and B,
share a common secret key .When A has a message to send to B, it
calculates the MAC as a function of the message and the key:
Uses of -- Message Authentication
Codes
Message Digest Generation Using
SHA-512 Step 1 Append padding bits. The message is padded so that its
length is congruent to 896 modulo 1024 . Padding is always
added, even if the message is already of the desired length.
Thus, the number of padding bits is in the range of 1 to 1024.
The padding consists of a single 1 bit followed by the necessary
number of 0 bits.
Step 2 Append length. A block of 128 bits is appended to the
message. This block is treated as an unsigned 128-bit integer
(most significant byte first) and contains the length of the
original message (before the padding).
The outcome of the first two steps yields a message that is an
integer multiple of 1024 bits in length.
Step 3 Initialize hash buffer. A 512-bit buffer is used to hold
intermediate and final results of the hash function. The buffer
can be represented as eight 64-bit registers (a, b, c, d, e, f, g,
h).These registers are initialized to the following 64-bit
integers (hexadecimal values)
Step 4 Process message in 1024-bit (128-word) blocks. The
heart of the algorithm
is a module that consists of 80 rounds
Secure Hash Algorithm - SHA-512
Digital Signature
• electronic signature can prove the authenticity of Alice as the sender
of the message. We refer to this type of signature as a digital
signature.
Difference between conventional
and digital Signature
Inclusion
• A conventional signature is included in the document; it is part of the document. When we write a check, the signature is on the check; it
is not a separate document. But when we sign a document digitally, we send the signature as a separate document. The sender
• sends two documents: the message and the signature. The recipient receives both documents and verifies that the signature belongs to
the supposed sender. If this is proven, the message is kept; otherwise, it is rejected.
Verification Method
• For a conventional signature, when the recipient receives a document, she compares the signature on the document with the signature
on file. If they are the same, the document is authentic. The recipient needs to have a copy of this signature on file for
• comparison. For a digital signature, the recipient receives the message and the signature. A copy of the signature is not stored anywhere.
The recipient needs to apply a verification technique to the combination of the message and the signature to verify the authenticity.
Relationship
• For a conventional signature, there is normally a one-to-many relationship between a signature and documents. A person uses the same
signature to sign many documents. For a digital signature, there is a one-to-one relationship between a signature and a message. Each
message has its own signature. The signature of one message cannot be used in another message.
Duplicity
• In conventional signature, a copy of the signed document can be distinguished from the original one on file. In digital signature, there is
no such distinction unless there is a factor of time (such as a timestamp) on the document. For example, suppose Alice sends a
document instructing Bob to pay Eve. If Eve intercepts the document and the signature, she can replay it later to get money again from
Bob.
Digital Signature Process

A conventional signature is like a private “key” belonging to the signer of the document. The signer uses it
to sign documents; no one else has this signature. The copy of the signature is on file like a public key;
anyone can use it to verify a document, to compare it to the original signature.

In a digital signature, the signer uses her private key, applied to a signing algorithm, to sign the document.
The verifier, on the other hand, uses the public key of the signer, applied to the verifying algorithm, to
verify the document.
Adding Keys to Digital Signature
Process
Can we use a secret (symmetric)
key to both sign and verify a
signature?
• The answer is negative
• First, a secret key is known by only two entities (Alice and Bob, for example).
So if Alice needs to sign another document and send it to Ted, she needs to
use another secret key.
• Second, as we will see, creating a secret key for a session involves
authentication, which uses a digital signature. We have a vicious cycle.
• Third, Bob could use the secret key between himself and Alice, sign a
document, send it to Ted, and pretend that it came from Alice.
distinction between private and
public keys in digital Signature
• In the latter, the private and public keys of the receiver are used in the
process. The sender uses the public key of the receiver to encrypt; the
receiver uses his own private key to decrypt.
• In a digital signature, the private and public keys of the sender are
used. The sender uses her private key; the receiver uses the sender’s
public key.
Limitation of Asymmetric Systems
• asymmetric-key cryptosystems are very inefficient
• when dealing with long messages. In a digital signature system, the
messages are normally long, but we have to use asymmetric-key
schemes.
• The solution is to sign a digest of the message, which is much shorter
than the message
Signing the digest
Digital Signature
• Message Authentication
• A secure digital signature scheme, like a secure conventional signature (one that cannot be
easily copied) can provide message authentication (also referred to as data-origin
authentication).
• Message Integrity
• The integrity of the message is preserved even if we sign the whole message because we
cannot get the same signature if the message is changed.
• Nonrepudiation
• If Alice signs a message and then denies it, can Bob later prove that Alice actually signed it?
For example, if Alice sends a message to a bank (Bob) and asks to transfer $10,000 from her
account to Ted’s account, can Alice later deny that she sent this message? With the scheme
we have presented so far, Bob might have a problem. Bob must keep the signature on file
and later use Alice’s public key to create the original message to prove the message in the
file and the newly created message are the same.
Trusted third party for non-
repudiation
Digital Signature
• Confidentiality
• A digital signature does not provide confidential communication. If
confidentiality is required, the message and the signature must be encrypted
using either a secret-key or public-key cryptosystem.
ATTACKS ON DIGITAL SIGNATURE -
Types
• key-only - In the key-only attack, Eve has access only to the public
information released by Alice. To forge a message, Eve needs to create
Alice’s signature to convince Bob that the message is coming from Alice
• known-message - Eve has access to one or more message-signature pairs.
In other words, she has access to some documents previously signed by
Alice. Eve tries to create another message and forge Alice’s signature on it.
• chosen-message- , Eve somehow makes Alice sign one or more messages
for her. Eve now has a chosen-message/signature pair. Eve later creates
another message, with the content she wants, and forges Alice’s signature
on it

You might also like