Unit 4

The document discusses message authentication techniques including cryptographic hash functions, message authentication codes (MACs), and digital signatures. It describes how these techniques work to verify the authenticity and integrity of messages during transmission by confirming the message origin and detecting any alterations.

#Message Authentication:

Message authentication is a process of verifying the authenticity and integrity of a message or data to
ensure that it has not been tampered with or altered during transmission. The main objective of
message authentication is to confirm that the message originated from the expected sender and that its
content has remained intact.

There are several techniques and algorithms used for message authentication, including:

1. Cryptographic Hash Functions: These functions take an input message and produce a fixed-size hash
value, which is unique to the input data. Any alteration in the message will result in a different hash
value. The recipient can compute the hash of the received message and compare it with the original
hash to verify its integrity.

2. Message Authentication Codes (MACs): A MAC is a cryptographic construct that uses a secret key to
generate a unique authentication code for a message. The sender computes the MAC using the message
and the secret key, and appends it to the message. The recipient can then recompute the MAC using the
received message and the shared secret key and compare it with the received MAC for verification.

3. Digital Signatures: Digital signatures provide both message authentication and non-repudiation. They
are created using asymmetric cryptography, where the sender uses their private key to sign the
message, and the recipient can use the sender's public key to verify the signature. If the signature is
valid, it confirms the authenticity and integrity of the message.

4. Public Key Infrastructure (PKI): PKI is a framework that provides the infrastructure for managing digital
certificates and public-private key pairs. It enables the secure distribution and verification of digital
signatures and facilitates trusted communication between parties.

Overall, message authentication techniques are crucial in ensuring the integrity and origin of
transmitted data, preventing unauthorized modifications or impersonation, and maintaining secure
communication channels.

#Authentication Requirements:

• Disclosure: Release of message contents to any person or process not possessing the
appropriate cryptographic key.

• Traffic analysis: Discovery of the pattern of traffic between parties. In a connection-oriented
application, the frequency and duration of connections could be determined. In either a
connection-oriented or connectionless environment, the number and length of messages
between parties could be determined.

• Masquerade: Insertion of messages into the network from a fraudulent source. This includes the
creation of messages by an opponent that are purported to come from an authorized entity.

• Content modification: Changes to the contents of a message, including insertion, deletion,
transposition, and modification.

• Sequence modification: Any modification to a sequence of messages between parties, including
insertion, deletion, and reordering.

• Timing modification: Delay or replay of messages. In a connection-oriented application, an
entire session or sequence of messages could be a replay of some previous valid session, or
individual messages in the sequence could be delayed or replayed. In a connectionless
application, an individual message (e.g., datagram) could be delayed or replayed.

• Source repudiation: Denial of transmission of message by source.

• Destination repudiation: Denial of receipt of message by destination.

#Message Authentication Functions: All message authentication and digital signature mechanisms are
based on two functionality levels:

• Lower level: At this level, there is a need for a function that produces an authenticator, which is
the value that will further help in the authentication of a message.

• Higher level: The lower-level function is used here in order to help receivers verify the
authenticity of messages.

These message authentication functions are divided into three classes:

• Message encryption: While sending data over the internet, there is always a risk of a Man in the
middle (MITM) attack. A possible solution for this is to use message encryption. In message
encryption, the data is first converted to a ciphertext and then sent any further. Message
encryption can be done in two ways:

1. Symmetric Encryption: Say we have to send the message M from a source P to destination Q.
This message M can be encrypted using a secret key K that both P and Q share. Without this key
K, no other person can get the plain text from the ciphertext. This maintains confidentiality.
Further, Q can be sure that P has sent the message. This is because other than Q, P is the only
party who possesses the key K and thus the ciphertext can be decrypted only by Q and no one
else. This maintains authenticity. At a very basic level, symmetric encryption looks like this:

2. Public key Encryption: Public key Encryption is not as advanced as symmetric encryption as it
provides confidentiality but not authentication. To provide both authentication and
confidentiality, the private key is used.

• Message authentication code (MAC): A message authentication code is a security code that the
user of a computer has to type in order to access any account or portal. These codes are
recognized by the system so that it can grant access to the right user. These codes help in
maintaining information integrity. It also confirms the authenticity of the message.

• Hash function: A hash function is nothing but a mathematical function that can convert a
numeric value into another numeric value that is compressed. The input to this hash function
can be of any length but the output is always of fixed length. The values that a hash
function returns are called the message digest or hash values.

#Message Authentication Codes:

-A message authentication code or MAC is a security code or tag that is appended to the message sent
by the sender to the receiver for providing message authentication and integrity (no alteration in
message).

-It is similar to Message Digest (MD) except that it uses the symmetric key cryptography process to
authenticate a message i.e., the same key is shared between sender and receiver. The keyed hash
function is another name for the message authentication code. MAC is also referred to as Cryptographic
Checksum.

-MAC = C (K, M), where K is a shared secret key and M is a message to be authenticated.

-A message authentication code (MAC) algorithm takes a message to be authenticated & a secret key
that is known only to the sender of the message and the receiver of the message & produces a MAC as
an output. By using MAC, a receiver can check the integrity of the message & authenticity of the
message i.e., whether it is coming from the correct sender or not. MAC does not provide Non-
Repudiation.

-In electronic money transfers, message authentication codes (MACs) are employed to ensure
information integrity.

-How does a message authentication code (MAC) work?

There are four important components used for generating a Message Authentication Code (MAC):

1. The message of arbitrary length

2. Key

3. MAC algorithm

4. MAC value

The sender and receiver share the same secret key to produce a Message Authentication Code or
Cryptographic Checksum. This generated MAC is appended to the message and sent to the receiver. At
the receiving end, the receiver also generates the Message Authentication Code (MAC) with the same
shared key which is compared with the MAC generated by the sender. If both the MACs are equal, then
the message is valid and coming from the correct sender, otherwise, the message is invalid.
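
The generate, append, recompute and compare flow described above, set beside an unkeyed hash check, as an added example that is not part of the original document. It uses HMAC-SHA256 as the MAC algorithm C; the `Receiver` class, the sample messages and the 8-byte sequence number (which goes beyond the text so that a replayed message, the "timing modification" case listed earlier, is rejected) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def hash_check(message: bytes, digest: bytes) -> bool:
    """Unkeyed check: anyone can recompute the digest for any message."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)

def make_mac(key: bytes, seq: int, message: bytes) -> bytes:
    """MAC = C(K, M): HMAC-SHA256 over an 8-byte sequence number plus M."""
    return hmac.new(key, seq.to_bytes(8, "big") + message, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, seq: int, message: bytes, tag: bytes) -> bool:
        expected = make_mac(self.key, seq, message)
        # Constant-time comparison: timing does not reveal how many
        # leading bytes of a wrong tag happened to match.
        if not hmac.compare_digest(expected, tag):
            return False  # altered content, or sender lacks the key
        if seq <= self.last_seq:
            return False  # valid tag but stale sequence number: replay
        self.last_seq = seq
        return True

def demo() -> dict:
    key = secrets.token_bytes(32)             # shared secret K (constructed)
    msg = b"pay 100 to account 42"            # constructed sample messages
    altered = b"pay 900 to account 66"
    rx = Receiver(key)
    tag = make_mac(key, 1, msg)
    return {
        # A digest recomputed over the altered message still verifies.
        "hash_accepts_altered": hash_check(altered, hashlib.sha256(altered).digest()),
        # A tag made without K (a different random key) is rejected.
        "mac_accepts_wrong_key": rx.accept(1, altered, make_mac(secrets.token_bytes(32), 1, altered)),
        "mac_accepts_genuine": rx.accept(1, msg, tag),
        # A genuine tag moved onto altered content is rejected.
        "mac_accepts_altered": rx.accept(2, altered, make_mac(key, 2, msg)),
        "mac_accepts_replay": rx.accept(1, msg, tag),
    }

if __name__ == "__main__":
    print(demo())
```

Only the unkeyed digest accepts the altered message; every MAC check that lacks the right key, the right content or a fresh sequence number fails.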

#Hash functions

-A hash function is a mathematical function that converts a numerical input value into another
compressed numerical value. The input to the hash function is of arbitrary length but output is always of
fixed length.

-Values returned by a hash function are called message digest or simply hash values. The following
picture illustrates a hash function:

-Cryptographic hash functions exhibit these three properties:

• They are “collision-free.” This means that no two input hashes should map to the same output
hash.

• They can be hidden. It should be difficult to guess the input value for a hash function from
its output.

• They should be puzzle-friendly. It should be difficult to select an input that provides a
pre-defined output. Thus, the input should be selected from a distribution that's as wide as
possible.

-They are used for

• Message authentication
• Digital signature
• To create a one-way password file.
• For intrusion detection and virus detection.

#Security of hash functions and MACs: The security of hash functions and Message Authentication
Codes (MACs) can be analyzed in terms of their resistance to brute force attacks and cryptanalysis
techniques. Let's explore these aspects:

1. Brute Force Attacks:

- Hash Functions:

The security of a hash function against brute force attacks depends on the length of its output
(hash length) and the computational effort required to find a collision or preimage. A longer hash length
increases the size of the hash space, making it computationally infeasible to exhaustively search for
collisions or preimages. Secure hash functions like SHA-256 or SHA-3 with sufficient hash lengths are
designed to withstand brute force attacks.

- MACs:

The security of a MAC against brute force attacks lies primarily in the secrecy and length of the
key. A longer and well-chosen key increases the key space, making it more difficult and time-consuming
for an attacker to guess the key through exhaustive search. Using strong key generation methods and
sufficiently long keys is essential to resist brute force attacks on MACs.

2. Cryptanalysis:

- Hash Functions:

Cryptanalysis techniques aim to exploit weaknesses in hash functions to find collisions,
preimages, or other vulnerabilities. A secure hash function should have undergone extensive analysis,
with no known practical attacks that can significantly reduce its security properties. It is important to
use widely accepted and well-vetted hash functions, such as those standardized by reputable
cryptographic organizations (e.g., NIST or IETF), to minimize the risk of successful cryptanalytic attacks.

- MACs:

Cryptanalysis techniques can also target MAC algorithms to weaken their security properties.
Secure MAC algorithms, such as HMAC or CBC-MAC using strong block ciphers, have been extensively
studied and have no known practical vulnerabilities. The use of widely accepted and analyzed MAC
algorithms reduces the risk of successful cryptanalytic attack
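
An added illustration (not from the original document) of the brute-force point above, that hash length sets the cost of finding a collision: it truncates SHA-256 to toy lengths of 16, 20 and 24 bits and counts the hashes needed before two inputs collide, which grows roughly as 2^(n/2). The function names and the `msg-N` inputs are assumptions constructed for the example.

```python
import hashlib

def truncated_hash(data: bytes, bits: int) -> int:
    """First `bits` bits of SHA-256(data), as an integer (toy short hash)."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)

def birthday_collision(bits: int):
    """Hash counter-derived inputs until two share a truncated digest.

    Returns (input_a, input_b, hashes_computed).
    """
    seen = {}          # truncated digest -> first input that produced it
    counter = 0
    while True:
        data = b"msg-%d" % counter          # constructed, distinct inputs
        digest = truncated_hash(data, bits)
        counter += 1
        if digest in seen:
            return seen[digest], data, counter
        seen[digest] = data

def collision_cost_table(bit_lengths=(16, 20, 24)):
    """Rows of (bits, hashes needed in this run, 2^(bits/2) estimate)."""
    rows = []
    for bits in bit_lengths:
        _, _, tries = birthday_collision(bits)
        rows.append((bits, tries, 2 ** (bits // 2)))
    return rows

if __name__ == "__main__":
    for bits, tries, estimate in collision_cost_table():
        print(f"{bits:2d}-bit digest: collision after {tries} hashes "
              f"(2^(n/2) = {estimate})")
```

Each extra 4 bits of digest multiplies the work by about 4, which is why a 256-bit digest puts a collision search at around 2^128 hashes.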
