Authentication Requirements
Authentication Requirements
In the context of communications across a network, the following attacks can be identified:
Disclosure: Release of message contents to any person or process not possessing the
appropriate cryptographic key.
Masquerade: Insertion of messages into the network from a fraudulent source. This includes
the creation of messages by an opponent that are purported to come from an authorized
entity. Also included are fraudulent acknowledgments of message receipt or nonreceipt by
someone other than the message recipient.
Authentication Functions
Message encryption: The ciphertext of the entire message serves as its authenticator.
Message authentication code (MAC): A function of the message and a secret key that
produces a fixed-length value that serves as the authenticator.
Hash function:A function that maps a message of any length into a fixed-length hash value,
which serves as the authenticator.
Message Encryption
Message encryption by itself can provide a measure of authentication. The analysis differs for
symmetric and public-key encryption schemes.
Symmetric Encryption
Consider the straightforward use of symmetric encryption . A message M transmitted from
source A to destination B is
encrypted using a secret key K shared by A and B. If no other party knows the key, then
confidentiality is provided: No other party can recover the plaintext of the message.
M = input message
C = MAC function
K = shared secret key
MAC = message authentication code
The message plus MAC are transmitted to the intended recipient. The recipient performs the
same calculation on the received message, using the same secret key, to generate a new
MAC. The received MAC is compared to the calculated MAC (Figure 11.4a). If we assume
that only the receiver and the sender know the identity of the secret key, and if the received
MAC matches the calculated MAC, then The receiver is assured that the message has not
been altered. If an attacker alters the message but does not alter the MAC, then the receiver's
calculation of the MAC will differ from the received MAC. Because the attacker is assumed
not to know the secret key, the attacker cannot alter the MAC to correspond to the alterations
in the message.
1. The receiver is assured that the message has not been altered. If an attacker alters the
message but does not alter the MAC, then the receiver's calculation of the MAC will differ
from the received MAC. Because the attacker is assumed not to know the secret key, the
attacker cannot alter the MAC to correspond to the alterations in the message.
2. The receiver is assured that the message is from the alleged sender. Because no one else
knows the secret key, no one else could prepare a message with a proper MAC.
3. If the message includes a sequence number (such as is used with HDLC, X.25, and TCP),
then the receiver can be assured of the proper sequence because an attacker cannot
successfully alter the sequence number.
Hash Function
A variation on the message authentication code is the one-way hash function. As with the
message authentication code, a hash function accepts a variable-size message M as input and
produces a fixed-size output, referred to as ahash code H(M). Unlike a MAC, a hash code
does not use a key but is a function only of the input message. The hash code is also referred
to as a message digest or hash value. The hash code is a function of all the bits of the message
and provides an error-detection capability: A change to any bit or bits in the message results
in a change to the hash code.