Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
12 views5 pages

Mod 2 1. Message Integrity: Definition and Applications: Mac F (K, M) K M F

The document discusses various concepts related to message integrity and authentication, including definitions, applications, and security features of Message Authentication Codes (MAC), Parallelizable MAC (PMAC), Hash-based MAC (HMAC), and Authenticated Encryption (AE). It also covers active attacks, chosen-ciphertext security (CCA-Security), and the role of Key Distribution Centres (KDCs) in secure key exchange. Key applications include secure communication protocols, file integrity verification, and enterprise authentication systems.

Uploaded by

darshneesunderraj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
12 views5 pages

Mod 2 1. Message Integrity: Definition and Applications: Mac F (K, M) K M F

The document discusses various concepts related to message integrity and authentication, including definitions, applications, and security features of Message Authentication Codes (MAC), Parallelizable MAC (PMAC), Hash-based MAC (HMAC), and Authenticated Encryption (AE). It also covers active attacks, chosen-ciphertext security (CCA-Security), and the role of Key Distribution Centres (KDCs) in secure key exchange. Key applications include secure communication protocols, file integrity verification, and enterprise authentication systems.

Uploaded by

darshneesunderraj
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

MOD 2

1. Message Integrity: Definition and Applications

Definition:​
Message integrity ensures that the message has not been altered or tampered with during
transmission. It guarantees that the received message is exactly the same as the original
one sent by the sender.

Applications:

●​ Ensuring file and message authenticity in communication protocols (e.g., HTTPS,


SSL/TLS).​

●​ Verifying software downloads (via hash/MAC codes).​

●​ Secure email (e.g., PGP).​

●​ Blockchain transaction integrity.​

2. MAC (Message Authentication Code)

Definition:​
A Message Authentication Code is a short piece of information used to authenticate a
message and provide integrity and authenticity. It is generated using a secret key and a
message.

Construction:

●​ Let MAC = F(K, M) where:​

○​ K is the secret key​

○​ M is the message​

○​ F is a deterministic function​

Security:​
A secure MAC ensures that without knowing the key, an attacker cannot create a valid MAC
for any new message.

Applications:
●​ Verifying message origin and integrity in network communications (e.g., IPsec, SSH).​

●​ Secure payment systems.​

3. PMAC (Parallelizable MAC)

Definition:​
PMAC is a type of MAC that allows parallel processing, enhancing speed and performance.
It is suitable for high-speed applications.

Key Features:

●​ Based on block ciphers (e.g., AES).​

●​ Allows multiple blocks of the message to be processed in parallel.​

●​ Deterministic and secure under the assumption that the underlying block cipher is
secure.​

Applications:

●​ High-performance computing environments.​

●​ Systems requiring low-latency authentication.​

4. HMAC (Hash-based MAC)

Definition:​
HMAC uses a cryptographic hash function (like SHA-256) and a secret key to generate a
MAC.

Construction:

plaintext
CopyEdit
HMAC(K, M) = H((K' ⊕ opad) || H((K' ⊕ ipad) || M))

Where:

●​ H is a cryptographic hash function​


●​ K' is the key (padded or shortened)​

●​ ipad and opad are inner and outer padding constants​

Properties:

●​ Resistant to length extension attacks.​

●​ Can use any hash function (MD5, SHA-1, SHA-256, etc.).​

Applications:

●​ TLS, IPsec, and other secure protocols.​

●​ Data integrity checks in APIs and cloud storage.​

5. Authenticated Encryption (AE)

Definition:​
Authenticated Encryption simultaneously provides confidentiality (via encryption) and
authenticity/integrity (via MAC).

Types:

●​ Encrypt-then-MAC (EtM) – most secure and widely used​

●​ MAC-then-Encrypt (MtE) – less common, used in older protocols​

●​ Encrypt-and-MAC (E&M) – simple but not recommended​

AEAD (Authenticated Encryption with Associated Data):

●​ Handles additional data (e.g., headers) that must be authenticated but not encrypted.​

Examples:

●​ GCM (Galois/Counter Mode)​

●​ CCM (Counter with CBC-MAC)​

Applications:
●​ Securing data packets in protocols like TLS 1.2+, IPsec.​

●​ Encrypting and authenticating files or tokens in secure storage systems.​

6. Active Attacks and Chosen-Ciphertext Security (CCA-Security)

Active Attacks:

●​ The attacker can alter, inject, or replay messages.​

●​ More dangerous than passive attacks (eavesdropping).​

●​ Examples: Man-in-the-middle (MITM), replay attacks, injection attacks.​

CCA-Security (Chosen-Ciphertext Attack Security):

●​ A cryptosystem is CCA-secure if it remains secure even when the attacker can


decrypt arbitrary ciphertexts (except the challenge one).​

●​ IND-CCA2 (Adaptive CCA) is the standard model for modern encryption.​

Importance:

●​ Prevents attacks like padding oracle attacks.​

●​ Ensures robustness against real-world attacks.​

Examples of CCA-secure systems:

●​ RSA-OAEP (Optimal Asymmetric Encryption Padding)​

●​ Authenticated encryption schemes like GCM​

7. Key Distribution Centres (KDCs)

Definition:​
A Key Distribution Centre is a trusted third-party server that facilitates secure exchange of
secret keys between users in a network.

Working:
●​ Each user shares a secret key with the KDC.​

●​ When two users want to communicate, the KDC provides a session key encrypted
with both users' keys.​

Steps:

1.​ Request: User A asks KDC for communication with User B.​

2.​ KDC Response:​

○​ Generates a session key.​

○​ Sends encrypted session key to both A and B using their respective keys.​

Benefits:

●​ Simplifies key management in large networks.​

●​ Minimizes the number of keys each user must store.​

Drawbacks:

●​ Single point of failure.​

●​ Scalability issues for very large systems.​

Example Protocol:

●​ Kerberos (widely used in enterprise authentication systems)​

Applications:

●​ Enterprise SSO (Single Sign-On)​

●​ Secure communication in closed networks

You might also like