Cryptography

An Introduction

Continued…

Shon Harris
CISSP, 5th Edition
 3.11 Message Integrity
Parity bits and cyclic redundancy check (CRC)
functions have been used in protocols to detect
modifications in streams of bits as they are passed
from one computer to another, but they can usually
detect only unintentional modifications.

Unintentional modifications can happen if a spike occurs in

the power supply, if there is interference or attenuation on a
wire, or if some other type of physical condition happens
that causes the corruption of bits as they travel from one
destination to another.
 Message Integrity
Parity bits cannot identify whether a message was
captured by an intruder, altered, and then sent on to
the intended destination. The intruder can just
recalculate a new parity value that includes his
changes, and the receiver would never know the
difference.

For this type of protection, hash algorithms are required to

successfully detect intentional and unintentional
unauthorized modifications to data. We will now dive into
hash algorithms and their characteristics.
 The One-Way Hash
A one-way hash is a function that takes a
variable-length string and a message and
produces a fixed-length value called a hash
value.

For example, if Ahmad wants to send a message to

Bilal and he wants to ensure the message does not
get altered in an unauthorized fashion while it is
being transmitted, he would calculate a hash value
for the message and append it to the message itself.
 The One-Way Hash
When Bilal receives the message,
he performs the same hashing function Ahmad
used and then compares his result with
the hash value sent with the message.

If the two values are the same, Bilal can be

sure the message was not altered during
transmission. If the two values are different,
Bilal knows the message was altered, either
intentionally or unintentionally, and he discards the
message.
 The One-Way Hash
The hashing algorithm is not a secret—it is publicly
known. The secrecy of the oneway hashing function is
its “one-wayness.” The function is run in only one
direction, not the other direction.

This is different from the one-way function used in

public key cryptography, in which security is
provided based on the fact that, without knowing a
trapdoor, it is very hard to perform the one-way
function backward on a message and come up with
readable plaintext.
 The One-Way Hash

The hashing one-way function takes place without

the use of any keys. Lets take a look at an example…
 One-way Hash Example
if Irfan writes a message, calculates a message digest,
appends the digest to the message, and sends it on to
Furqan, Khalid can intercept this message, alter Irfan’s
message, recalculate another message digest, append it to
the message, and send it on to Furqan. When Furqan
receives it, he verifies the message digest, but never knows
the message was actually altered by Khalid. Furqan thinks
the message came straight from Irfan and it was never
modified, because the two message digest values are the
same. If Irfan wanted more protection than this, he would
need to use message authentication code (MAC).
 3.11.1 Message Authentication Codes (MACs)

A MAC function is an authentication scheme derived

by applying a secret key to a message in some form.
This does not mean the symmetric key is used to
encrypt the message, though.

You should be aware of two basic types of MACs: a

hash MAC (HMAC), and CBC-MAC.
 HMAC Example
In the previous example, if Irfan were to use an
HMAC function instead of just a plain hashing
algorithm, a symmetric key would be concatenated
with his message. The result of this process would
be put through a hashing algorithm, and the result
would be a MAC value. This MAC value is then
appended to his message and sent to Furqan. If
Khalid were to intercept this message and modify it,
he would not have the necessary symmetric key to
create the MAC value that Furqan will attempt to
generate.
 Terminology
The idea of a hashing function is simple. You run a
message through a hashing algorithm, which in turn
generates a hashing value.

A hashing value can also be called a message

digest or fingerprint.
1. The sender puts the message through a hashing
function.
2. A message digest value is generated.
3. The message digest is appended to the message.
4. The sender sends the message to the receiver.
5. The receiver puts the message through a hashing
function.
6. The receiver generates his own message digest
value.
7. The receiver compares the two message digest
values. If they are the same, the message has not
been altered.
1. The sender concatenates a symmetric key with the
message.
2. The result is put through a hashing algorithm.
3. A MAC value is generated.
4. The MAC value is appended to the message.
5. The sender sends the message to the receiver. (Just the
message with the attached MAC value. The sender does not
send the symmetric key with the message.)
6. The receiver concatenates a symmetric key with the
message.
7. The receiver puts the results through a hashing algorithm
and generates his own MAC value.
8. The receiver compares the two MAC values. If they are the
same, the message has not been modified.
 Concatenation

Now, when we say that the message is concatenated

with a symmetric key, we don’t mean a symmetric key
is used to encrypt the message. The message is not
encrypted in an HMAC function, so there is no
confidentiality being provided.

Think about throwing a message in a bowl and then

throwing a symmetric key in the same bowl. If you
dump the contents of the bowl into a hashing
algorithm, the result will be a MAC value.
 HMAC & Symmetric Keys

This type of technology requires the sender and receiver to

have the same symmetric key.

The HMAC function does not involve getting the symmetric key
to the destination securely. That would have to happen through
one of the other technologies we have discussed already
(Diffie-Hellman and key agreement, or RSA and key exchange).
 3.11.2 CBC-MAC
If a CBC-MAC is being used, the message is encrypted with a
symmetric block cipher in CBC mode, and the output of the final
block of ciphertext is used as the MAC.

The sender does not send the encrypted version of the

message, but instead sends the plaintext version and the MAC
attached to the message. The receiver receives the plaintext
message and encrypts it with the same symmetric block
cipher in CBC mode and calculates an independent MAC
value. The receiver compares the new MAC value with the
MAC value sent with the message. This method does not use a
hashing algorithm as does HMAC.
 CBC-MAC
The use of the symmetric key ensures that the only
person who can verify the integrity of the message is
the person who has a copy of this key.

No one else can verify the data’s integrity, and if

someone were to make a change to the data, he
could not generate the MAC value (HMAC or CBC-
MAC) the receiver would be looking for. Any
modifications would be detected by the receiver.
 CBC-MAC
Now the receiver knows that the message came from
the system that has the other copy of the same
symmetric key, so MAC provides a form of
authentication.

It provides data origin authentication, sometimes

referred to as system authentication.

This is different from user authentication, which

would require the use of a private key.
 CBC-MAC

A private key is bound to an individual; a

symmetric key is not. MAC authentication
provides the weakest form of authentication
because it is not bound to a user, just to a
computer or device.