Authentication Requirements for message
1 Answer

Authentication of message is concerned with:

a. Protecting the integrity of a message

b. Validating identity of originator

c. Non-repudiation of origin (dispute resolution)

Authentication Requirements :

a) Disclosure:

  • Release of message contents to any person or process not possessing the appropriate cryptographic key

b) Traffic analysis:

  • Discovery of the pattern of traffic between parties

  • In a connection oriented application, the frequency and duration of connections could be determined

  • The number and length of message between parties could be determined on both environment.

c) Masquerade:

  • Insertion of messages into the network from a fraudulent source.

  • Includes the creation of messages by an opponent that are purported to come from an authorized entity.

  • Also included a fraudulent acknowledgements of message receipt or non-receipt by someone else.

d) Content Modification:

  • Changes to the contents of a message, including insertion, deletion, transposition and modification

e) Sequence Modification:

  • Any modification to a sequence of message between parties, including insertion, deletion and reordering

f) Timing modification

  • Delay or replay of messages

  • In a connection oriented application, an entire session or sequence of messages could be replay of some previous valid session of individual messages in the sequence could be delayed or replayed.

  • In a connection less application, an individual message (e.g Data gram) could be delayed or deplayed.

g) Source Repudiation:

  • denial of transmission of message by destination

h) Destination repudiation:

  • Denial of receipt of message by destination.
Please log in to add an answer.