What are message authentication and Hash functions and how they are used?

Similar questions

What are the various ways in which message authentication can be done?

Marks: 10 M

Year: Dec 2013

1 Answer
  1. Message authentication is a mechanism or service used to verify the integrity of a message.
  2. Message authentication assures that data received is exactly same as sent by the transmitter ( i.e contains no modification, insertion, detection or replay )
  3. The following attacks can be identifies :

    a) Disclosure :Release of message contents to any person or process not processing the appropriate cryptographic key.

    b) Traffic Analysis: Discovery of pattern of traffic between parties.

    c) Masquerede: Insertion of messages into the network from a fraudulent source. This includes the creation of messages by an opponent that are purported to come from an authorized entity.

    d) Content Modification : Changes made to the content of a message including insertion , detection etc.

    e) Sequence Modification: Any modification to the sequence of messages.

    f) Timing Modification: Delay or replay of a message.

    g) Source Reproduction: Denial of transmission of message by source.

    h) Destination Reputation: Denial of receipt of message by destination

  4. Measures to deal with:

    • Disclosure, Traffic Analysis : Message confidentiality
    • Masquerade, Content Modification, Sequence Modification, Timing Modification : Message Authentication
    • Source Reproduction: Need of digital signature.
    • Destination Reputation: Protocol designed to counter the attack.
  5. Authentication Function:

    A message authentication has two levels of functionality

    At lower level: Authenticator (A value to be used to authenticate the message)

    At higher level: Authentication Protocol

    (Enables receiver to verify the authenticity of a message)

  6. The types of functions that may be used to produce an authentication are:

    • Message encryption: The ciphertext of the entire message serves as authentication.
    • Message Authentication Code (MAC): A secret key of fixed length value that serves as the authenticator.
    • Hash Function: A function that maps the message of any length into a fixed length hash value which serves as the authenticator.
    • Message Encryption:

      a) Symmetric Encryption: Confidentiality and authentication

Figure 5.12.a Symmetric Encryption

$$\text{Figure 5.12.a Symmetric Encryption}$$

    • Key k is shared by A and B.
    • No other party knows the key
    • B is assured that message has come from A -> A is the only other party that is having k.

      b) Public key encryption: Confidentiality

    Figure 5.12.bPublic Key encryption

    $$\text{Figure 5.12.bPublic Key encryption}$$

    • No authentication because any opponent could also use B’s public key to encrypt a message claiming to be from A.

      c) Public Key encryption ( Authentication and Signature)

    Figure 5.12.c Public Key encryption

    $$\text{Figure 5.12.c Public Key encryption}$$

    • Does not provide confidentiality because anyone in possession of A’s public key can decrypt the ciphertext.

      d) Public key encryption : Confidentiality , authentication and signature

    Figure 5.12.d Public key encryption

    $$\text{Figure 5.12.d Public key encryption}$$

Please log in to add an answer.