Similar questions

What is the requirements on HASH and MAC functions?

Requirements of a Hash function

To be useful for message authentication a hash function H must have the following properties:

1. It can be applied to block of data of any size.

2. It produces a fixed length output.

3. H (x) should be relatively easy to compute for any given x making both hardware and software making both network and software implementations practical.

4. It is computationally infeasible to find x, such that with a random number ‘k’ generated for this particular signature.

5. The signature function also depends on the sender’s private key $(PR_a)$ and a set of parameters known to a group of communicating principles. We can consider this set to constitute a global public key $(PU_G)$. The result is a signature considering of 2 components, labeled s and r.

6. At the receiving end, the hash code of the incoming message is generated. This plus the signature is input to a verification function.

7. The verification function also depends on the global public key as well as the sender’s public key $(PU_a)$, which is paired with the sender’s private key.

8. The output of the verification function is a value that is equal to the signature component ‘r’ if the signature is valid.

9. The signature function is such that only the sender with knowledge of the private key, could have produced the valid signature.

$$\text{Figure 5.10.a) RSA approach}$$

$$\text{Figure 5.10.b) DSS approach}$$

Two approaches to Digital Signatures

Message Authentication Code (MAC)

1. An alternative authentication technique involves the use of a secret key to generate a small fixed size block of data known as cryptographic checksum of MAC that is appended to the message.

2. This technique assumes that the two communicating parties A and B share a common secret key k.

3. When A has a message to send to B it calculates the MAC as a function of the message and the key.

   MAC = C ( k, M)

   Where

M = Input message

C = MAC function

K = Shared secret key

[MAC = Message Authentication Code]

1. The message plus MAC are transmitted to the intended recipient.

2. The recipient performs the some calculation on received message, using the same secret key to generate a new MAC.

3. The received MAC is compared to the calculated.

Figure 5.11.a Message Authentication

Figure 5.11.b Message authentication and confidentiality: authentication tied to plaintext

Figure 5.11.c Message authentication and confidentiality, authentication tied to ciphertext

7.If we assume that only the receiver and the sender knows the identity of the secret key, and if the received MAC matches the calculated MAC then :

• The receiver is assumed that the message has not been altered. If an attacker allows alters the message but doesn’t alter the MAC then the receivers calculation of MAC will differ from received MAC.
• The receiver is assured that the message is from authenticated sender.
• If the message includes a sequence number then the receiver can be assured of proper sequence because of an attacks can’t alter the sequence number
• Confidentiality can be provided by using message encryption alter the MAC algorithm.