Authentication of message is concerned with:

a. Protecting the integrity of a message

b. Validating identity of originator

c. Non-repudiation of origin (dispute resolution)

Authentication Requirements :

a) Disclosure:

• Release of message contents to any person or process not possessing the appropriate cryptographic key

b) Traffic analysis:

• Discovery of the pattern of traffic between parties

• In a connection oriented application, the frequency and duration of connections could be determined

• The number and length of message between parties could be determined on both environment.

c) Masquerade:

• Insertion of messages into the network from a fraudulent source.

• Includes the creation of messages by an opponent that are purported to come from an authorized entity.

• Also included a fraudulent acknowledgements of message receipt or non-receipt by someone else.

d) Content Modification:

• Changes to the contents of a message, including insertion, deletion, transposition and modification

e) Sequence Modification:

• Any modification to a sequence of message between parties, including insertion, deletion and reordering

f) Timing modification

• Delay or replay of messages

• In a connection oriented application, an entire session or sequence of messages could be replay of some previous valid session of individual messages in the sequence could be delayed or replayed.

• In a connection less application, an individual message (e.g Data gram) could be delayed or deplayed.

g) Source Repudiation:

• denial of transmission of message by destination

h) Destination repudiation:

• Denial of receipt of message by destination.