Requirements - must be able to verify that: 1. Message came from apparent source or author, 2. Contents have not been altered, 3. Sometimes, it was sent at a certain time or sequence. Protection against active attack (falsification of data and transactions) | Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden Henric Johnson OUTLINE Approaches to Message Authentication Secure Hash Functions and HMAC Public-Key Cryptography Principles Public-Key Cryptography Algorithms Digital Signatures Key Management Henric Johnson Authentication Requirements - must be able to verify that: 1. Message came from apparent source or author, 2. Contents have not been altered, 3. Sometimes, it was sent at a certain time or sequence. Protection against active attack (falsification of data and transactions) Henric Johnson Approaches to Message Authentication Authentication Using Conventional Encryption Only the sender and receiver should share a key Message Authentication without Message Encryption An authentication tag is generated and appended to each message Message Authentication Code Calculate the MAC as a function of the message and the key. MAC = F(K, M) Henric Johnson Henric Johnson One-way HASH function Henric Johnson One-way HASH function Secret value is added before the hash and removed before transmission. Henric Johnson Secure HASH Functions Purpose of the HASH function is to produce a ”fingerprint. Properties of a HASH function H : H can be applied to a block of data at any size H produces a fixed length output H(x) is easy to compute for any given x. For any given block x, it is computationally infeasible to find x such that H(x) = h For any given block x, it is computationally infeasible to find with H(y) = H(x). It is computationally infeasible to find any pair (x, y) such that H(x) = H(y) Henric Johnson Simple Hash Function One-bit circular shift on the hash value after each block is processed would improve Henric Johnson Message Digest Generation Using SHA-1 Henric Johnson SHA-1 Processing of single 512-Bit Block Henric Johnson Other Secure HASH functions SHA-1 . | Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden Henric Johnson OUTLINE Approaches to Message Authentication Secure Hash Functions and HMAC Public-Key Cryptography Principles Public-Key Cryptography Algorithms Digital Signatures Key Management Henric Johnson Authentication Requirements - must be able to verify that: 1. Message came from apparent source or author, 2. Contents have not been altered, 3. Sometimes, it was sent at a certain time or sequence. Protection against active attack (falsification of data and transactions) Henric Johnson Approaches to Message Authentication Authentication Using Conventional Encryption Only the sender and receiver should share a key Message Authentication without Message Encryption An authentication tag is generated and appended to each message Message Authentication Code Calculate the MAC as a function of the .