Chapter 12: Message Authentication Codes

Message Authentication
- message authentication is concerned with:
  - protecting the integrity of a message
  - validating identity of originator
  - non-repudiation of origin (dispute resolution)
- will consider the security requirements
- then three alternative functions used:
  - message encryption
  - hash function
  - message authentication code (MAC)

Security Requirements
- disclosure
- traffic analysis
- masquerade
- content modification
- sequence modification
- timing modification
- source repudiation
- destination repudiation

Symmetric Message Encryption
- encryption can also provide authentication
- if symmetric encryption is used then:
  - receiver knows sender must have created it
  - since only sender and receiver know key used
  - know content cannot have been altered
  - if message has suitable structure, redundancy or a checksum to detect any changes

Public-Key Message Encryption
- if public-key encryption is used:
  - encryption provides no confidence of sender
  - since anyone potentially knows public-key
- however if
  - sender signs message using their private-key
  - then encrypts with recipient's public key
  - have both secrecy and authentication
- again need to recognize corrupted messages
- but at cost of two public-key uses on message

Hash and MAC Algorithms
- Hash Functions
  - condense arbitrary size message to fixed size
  - by processing message in blocks
  - through some compression function
  - either custom or block cipher based
- Message Authentication Code (MAC)
  - fixed sized authenticator for some message
  - to provide authentication for message
  - by using block cipher mode or hash function

Message Authentication Code (MAC)
- generated by an algorithm that creates a small fixed-sized block
  - depending on both message and some key
  - like encryption though need not be reversible
- appended to message as a signature
- receiver performs same computation on message and checks it matches the MAC
- provides assurance that message is unaltered and comes from sender

Message Authentication Code
- a small fixed-sized block of data
  - generated from message + secret key
  - MAC = C(K, M)
- appended to message when sent

Message Authentication Codes
- as shown the MAC provides authentication
- can also use encryption for secrecy
  - generally use separate keys for each
  - can compute MAC either before or after encryption
  - is generally regarded as better done before
- why use a MAC?
  - sometimes only authentication is needed (e.g., SNMP)
  - sometimes need authentication to persist longer than the encryption (e.g., archival use)
- note that a MAC is not a digital signature

MAC Properties
- a MAC is a cryptographic checksum
  MAC = C_K(M)
  - condenses a variable-length message M
  - using a secret key K
  - to a fixed-sized authenticator
- is a many-to-one function
  - potentially many messages have same MAC
  - but finding these needs to be very difficult
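
The MAC = C(K, M) exchange from the slides, as an added example that is not part of the original slides: HMAC-SHA256 stands in for C (an assumption, since the slides name no algorithm), and the key and messages are constructed. It also shows why a MAC is not a digital signature: the receiver, holding the same key, can produce a tag that verifies just as well as the sender's.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # fixed size, whatever the message length


def mac(key: bytes, message: bytes) -> bytes:
    """MAC = C(K, M), with HMAC-SHA256 chosen here as C (an assumption)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def send(key: bytes, message: bytes) -> bytes:
    """Sender: append the fixed-size MAC to the message."""
    return message + mac(key, message)


def receive(key: bytes, wire: bytes) -> bytes:
    """Receiver: split off the tag, recompute it, compare in constant time."""
    if len(wire) < TAG_LEN:
        raise ValueError("too short to carry a MAC")
    message, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
    if not hmac.compare_digest(tag, mac(key, message)):
        raise ValueError("MAC mismatch: message altered or wrong key")
    return message


def accepted(key: bytes, wire: bytes) -> bool:
    try:
        receive(key, wire)
        return True
    except ValueError:
        return False


def demo() -> dict:
    key = b"constructed-demo-key"                      # constructed sample key
    wire = send(key, b"transfer 100 to account 42")    # constructed sample message
    tampered = wire.replace(b"100", b"900", 1)         # content modification in transit
    # Same shared key, so a receiver-made message verifies too: no non-repudiation.
    receiver_made = send(key, b"transfer 900 to account 42")
    return {
        "genuine": accepted(key, wire),
        "tampered": accepted(key, tampered),
        "wrong_key": accepted(b"some-other-key", wire),
        "receiver_made": accepted(key, receiver_made),
        "tag_lengths": {len(mac(key, m)) for m in (b"", b"x" * 10_000)},
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```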