Chapter 2.

2
Message authentication and hash
function
Significance of Message Authentication

• The passage underscores the critical role of message

authentication in combating active attacks, particularly those
involving data falsification. It ensures the received data's
genuineness and origin, focusing on both content integrity and
sender authenticity. Additional concerns like timeliness and proper
sequencing contribute to the broader concept of data integrity.
Shortcomings of Symmetric Encryption

• Symmetric encryption, shared key-based, is insufficient for

authentication due to vulnerabilities like block reordering in ECB
mode, threatening data integrity. Additional measures are
necessary to address specific threats, beyond symmetric
encryption alone.
Message Authentication without Message Encryption

• This section delves into non-encryption-based message

authentication, employing authentication tags. Messages,
remaining unencrypted during transmission, address security gaps
where encryption alone may fall short..
Three situations are highlighted where message authentication without
confidentiality is preferred:
1. Broadcasted Messages: Single-destination authentication for broadcasted
messages, like network notifications.

2. Selective Authentication: Randomly authenticating messages in heavy traffic

scenarios to avoid decrypting all.

3. Program Authentication: Efficient plaintext program authentication using

message authentication tags.

Conclusion: Emphasizes the collaborative roles of authentication and

encryption for diverse security needs.
 Message Authentication Code
 A Message Authentication Code (MAC) involves using a shared secret key (KAB) to generate a
code (MACM) appended to a message. This code assures the receiver in three key aspects:

1) Integrity Assurance: The receiver is assured that the message hasn't been altered. If an attacker
changes the message without altering the code, the receiver's calculation differs, as the
attacker doesn't know the secret key.

2) Sender Authentication: The receiver is assured that the message is from the alleged sender.
Only the sender and receiver know the secret key, preventing others from preparing a message
with a valid code.

3) Sequence Number Assurance: If the message includes a sequence number, like in X.25, HDLC,
or TCP, the receiver can be confident in the proper sequence, as an attacker can't successfully
alter the sequence number.
Now we discusses code generation using algorithms, initially
recommending DES but now favoring AES for message
authentication. DES or AES encrypts the message, and bits of
the ciphertext form the code. While a 16- or 32-bit code was
typical, it's now considered too small for adequate collision
resistance. The process resembles encryption, but the
authentication algorithm need not be reversible, enhancing
security compared to decryption due to mathematical
properties.
Now we demonstrate a one-way hash function as an alternative to
the message authentication code. Similar to a MAC, a hash function
takes a message of variable size M and produces a message digest
of fixed size H(M). Padding is used for security, ensuring that it is
difficult for attackers to produce an alternative message with the
same hash value. Unlike MAC, the hash function does not require a
secret key. Three authentication methods using a hash function are
demonstrated, including encrypting the message digest using
symmetric cryptography.
Now we explores different methods of encrypting message digests for
authentication. One approach involves encrypting the message digest
with a shared encryption key between the sender and receiver, ensuring
authenticity. Another method is to encrypt the digest using public-key
encryption, providing a digital signature and authentication without key
distribution. These approaches require less computation than encrypting
the entire message. However, the text highlights a common alternative
that avoids encryption altogether, citing reasons such as the slowness of
encryption software, nonnegligible hardware costs, optimization issues
for small data blocks, and potential patent protection for encryption
algorithms.
(see Figure 2.5a,2.5b)
Figure 2.5c illustrates a technique called a keyed hash MAC for message
authentication, using a hash function without encryption. Assuming shared
secret key K between parties A and B, A calculates the hash function over the
concatenation of K, the message, and K again. The result [M, MDM] is sent
to B, who can verify it by recomputing H(K, M, K). The secret key isn't sent,
preventing message modification by an attacker as long as the key remains
secret. The key serves as both a prefix and suffix, enhancing security. Chapter
21 discusses HMAC, a more complex but standard approach for a keyed hash
MAC
 Secure Hash Functions
Secure hash functions, crucial for message authentication and digital
signatures, have specific requirements:

1) Applicability to blocks of any size.

2) Production of a fixed-length output.
3) Ease of computation for practical hardware and software implementation.
4) One-way property: Computationally infeasible to find x for which H(x) = h.
5) Second preimage resistance: Computationally infeasible to find y ≠ x with
H(y) = H(x).
6) Collision resistance: Computationally infeasible to find any (x, y) with H(x)
= H(y)
The first five properties are essential for practical use in message authentication. The
one-way property ensures a code is easily generated from a message, but inversely
generating a message from a code is virtually impossible. The remaining properties
prevent forgery and protect against attacks where one party generates a message for
another to sign.
Hash code strength against brute-force attacks depends on the length (n):
•Preimage resistant: 2n
•Second preimage resistant: 2n
•Collision resistant: 2n/2
Common hash function algorithms include SHA-1, SHA-2 (with variations like
SHA-256, SHA-384, SHA-512), and SHA-3. SHA-2, while secure, led to the
development of SHA-3 due to structural similarities with SHA-1. SHA-3 provides an
alternative.
Applications of hash functions extend beyond message
authentication:

1. Passwords: Hashing passwords for secure storage.

2. Intrusion detection: Verifying file integrity by storing and
comparing hash values.

These applications leverage hash function properties to ensure

security and integrity.
THANKYOU