Chapter3 Public Key Cryptography and Message Authentication.pptx

This preview shows page 1 - 12 out of 38 pages.

Chapter 3 Public Key Cryptography and Message Authentication
Learning Outcomes
- Define MAC (message authentication code)
- Explain the requirements for a message authentication code
- Understand hash functions
- Explain the operation of SHA-512
- Present an overview of HMAC
- Describe public-key cryptosystems
- Present the RSA algorithm
- Define Diffie-Hellman key exchange
Communication without authentication
[Diagram: Alice sends message M to Bob; Eve replaces it with M’.]
Very easy: Eve can simply change the message.
Approaches to Message Authentication

Using conventional encryption
- Symmetric encryption alone is not a suitable tool for data authentication
- We assume that only the sender and receiver share a key, so only the genuine sender would be able to encrypt a message successfully
- The receiver assumes that no alterations have been made and that sequencing is proper if the message includes an error detection code and a sequence number
- If the message includes a timestamp, the receiver assumes that the message has not been delayed beyond that normally expected for network transit

Without message encryption
- An authentication tag is generated and appended to each message for transmission
- The message itself is not encrypted and can be read at the destination independent of the authentication function at the destination
- Because the message is not encrypted, message confidentiality is not provided
[Figure 3.1: Message Authentication Using a Message Authentication Code (MAC). Labels: Message, K, MAC algorithm, MAC, Transmit, Compare.]
Integrity Protection with MAC
- A shared key k is used to generate the MAC that authenticates the message
[Diagram: Alice and Bob each hold Key: k. Alice sends M with MAC(k, M) to Bob. Eve wants to send M’ but has k = ??, MAC = ??.]
- Eve cannot forge the MAC when k is unknown
MAC Authentication (I)
- MAC allows two or more mutually trusting parties to authenticate messages sent between members
[Diagram: Alice and Bob each hold Key: k. Alice sends M with MAC(k, M) to Bob. Eve does not hold k.]
- Only Alice and I know k; one of us sent M.
- If I did not send M, then Alice must have sent it.
MAC Authentication (II)
- MAC allows two or more mutually trusting parties to authenticate messages sent between members
[Diagram: Alice, Bob, Chris and Doug each hold Key: k. Alice sends M with MAC(k, M) to Bob. Eve does not hold k.]
- Only Alice, Chris, Doug and I know k; one of us sent M.
One-way Hash Functions
- Accepts a variable-size message M as input and produces a fixed-size message digest H(M) as output
- Does not take a secret key as input
- To authenticate a message, the message digest is sent with the message in such a way that the message digest is authentic
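
Added example (not part of the original slides): the MAC and one-way hash slides above, run as Python scenarios. HMAC-SHA-512 as the MAC algorithm, the function names and the sample messages are assumptions of this example, and all sample values are constructed.

```python
import hashlib
import hmac
import secrets


def mac(key: bytes, message: bytes) -> bytes:
    """MAC(k, M): HMAC-SHA-512 is this example's choice of MAC algorithm."""
    return hmac.new(key, message, hashlib.sha512).digest()


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver: recompute the MAC over the received message and compare."""
    return hmac.compare_digest(mac(key, message), tag)


def verify_plain_hash(message: bytes, digest: bytes) -> bool:
    """Receiver that checks only an unkeyed digest H(M) sent with M."""
    return hmac.compare_digest(hashlib.sha512(message).digest(), digest)


def run_scenarios() -> dict:
    k = secrets.token_bytes(32)        # key shared by Alice and Bob (constructed)
    m = b"transfer 10 to Bob"          # constructed message M
    m_prime = b"transfer 9999 to Eve"  # Eve's replacement M'
    alice_tag = mac(k, m)
    return {
        # Alice's M arrives intact with MAC(k, M): Bob accepts.
        "genuine": verify_mac(k, m, alice_tag),
        # Eve swaps in M' but has to reuse Alice's tag: Bob rejects.
        "modified": verify_mac(k, m_prime, alice_tag),
        # Eve tags M' under a key she made up: Bob rejects.
        "wrong_key": verify_mac(k, m_prime, mac(secrets.token_bytes(32), m_prime)),
        # Unkeyed digest sent in the clear: Eve recomputes H(M') and passes.
        "plain_hash": verify_plain_hash(m_prime, hashlib.sha512(m_prime).digest()),
        # Group key: Chris's tag on M is byte-identical to Alice's, so the
        # MAC shows a key holder sent M, not which one.
        "chris_equals_alice": hmac.compare_digest(mac(k, m), alice_tag),
    }


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name}: {accepted}")
```

The "plain_hash" case is why the digest must itself be made authentic (encrypted, signed, or combined with a secret value) before it authenticates anything.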
[Figure 3.2: Message Authentication Using a One-Way Hash Function, from Source A to Destination B. Panels: (a) Using conventional encryption; (b) Using public-key encryption; (c) Using secret value.]
Secure Hash Functions Is important not