a. The cryptography systems that we have studied so far provide secrecy or confidentiality, but not integrity.

b. However, there are occasions where we may not even need secrecy but instead must have integrity.

c. One way to preserve the integrity of a document is through the use of a fingerprint. E.g. If Alice needs to be sure that the contents of her document will not be changed she can put her fingerprint at the bottom of the document.

d. The electronic equivalent of document and fingerprint pair is the message and digest pair.

e. The two pairs (document / fingerprint) and (message / message digest) are similar with some differences.

f. The document and fingerprint are physically linked together. The message and message digest can be unlinked separately and most importantly the message digest needs to be safe from change.

g. A message digest does not authenticate the sender of the message.

h. To provide message authentication, Alice needs to provide proof that it is Alice sending the message and not an impostor.

i. The digest created by a cryptographic hash function is normally called a modification detection code (MDC). What we need for message authentication is a message authentication code (MAC).

j. A modification detection code (MDC) is a message digest that can prove the integrity of the message that message has not been changed.

k. If Alice needs to send a message to Bob and be sure that the message will not change during transmission, Alice can create a message digest, MDC and send both the message and the MDC to Bob.

l. Bob can create a new MDC from the message and compare the received MDC and the new MDC. If they are the same, the message has not been changed.

m. The difference between MDC and MAC is that the second include a secret key between Alice and Bob.

n. The security of a MAC depends on the security of the underlying hash algorithm.

o. HMAC: Hash function is a public function that maps a message of any length into a fixed length hash value which serves as its authenticator.

p. Figure shows the basic procedure involved in authentication using hash function.

q. The sender generates the message ‘M’ and the hash value ‘h’ is calculated by subjecting M to hash function as h = H(M). This value is appended to the message at the source.

r. The receiver authenticates the message by re-computing the hash value from the message and then computing it with the received hash value.

s. Authentication is based on the fact that it is not possible for an attacker to modify the message and the hash value accordingly.

t. Hence, even if an attacker modifies the message, it will be detected at the receiving end as the calculated and the received hash value will not match.