Seminar3_2010 - Seminar 3 Public Public-Key Cryptography...

Info iconThis preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon
Seminar 3 ublic ey Public Public-Key Key ryptography and Cryptography and essage Message Authentication Fabian Ng 1
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
OUTLINE • Approaches to Message Authentication ecure Hash Functions and HMAC Secure Hash Functions and HMAC • Public-Key Cryptography Principles • Public-Key Cryptography Algorithms igital Signatures Digital Signatures • Key Management Fabian Ng 2
Background image of page 2
uthentication Authentication equirements - ust be able to verify that: Requirements must be able to verify that: 1. Message came from apparent source .g m f m p p or author, 2. Contents have not been altered, 3. Sometimes, it was sent at a certain time or sequence. 4. Message –a legitimate part of a transaction • Protection against active attack alsification of data and transactions) Fabian Ng 3 (falsification of data and transactions)
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
uestion : oes it mean that by encrypting a Approaches Question Does it mean that by encrypting a message using secret key algorithm will ensure that the message is authentic ? partiallycorrect 1. could not be equally sure that the message is fresh , or has not been “cut-and-pasted ” from another ansaction or has not been changed oes not transaction, or has not been changed. - does not completely ensure authenticity of message. the encrypted message may come with a a 2. the encrypted message may come with a timestamp, a sequence number, and a checksum, - can be reasonably sure that the message is authentic. Actual Data Timestamp Sequence Number Checksum time the message is being sent out number that reflects the position of a essage in that number that allows one to assess whether e message has been Fabian Ng 4 or processed. message in that transaction. the message has been changed.
Background image of page 4
Approaches to Message Authentication Authentication Using Conventional Encryption – Only the sender and receiver should share a key Message Authentication without Message Encryption – An authentication tag is generated and appended to each message Message Authentication Code alculate the MAC as a function of the message and the • Calculate the MAC as a function of the message and the key. MAC = F(K, M) Fabian Ng 5
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Message Authentication Code •loosely as “a checksum that take in a secret ey as part of the input” key as part of the input Fabian Ng 6
Background image of page 6
Example 3.2 For a message, one possible MAC could be the last 4-byte of the corresponding ciphertext (formed using a secret key algorithm such as AES): Message M Actual Data Timestamp Sequence Number MAC igure 3 6 essage to be sent out Ciphertext of Message, computed using secret key k Figure 3.6 Message to be sent out AES(M, k) MAC = last 4 byte of AES( M , k ) Figure 3.2 MAC Thus suppose a message M has a 8-byte ciphertext 1 2 33 26 787 39 71 24 8 Figure 3.3 Ciphertext for Message M The MAC for this message will be the last four byte Fabian Ng 7 73 97 12 48 Figure 3.4 MAC for message M
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
One One-way HASH function way HASH function “a checksum that is very strong”.
Background image of page 8
Image of page 9
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 09/06/2010 for the course IT ICt211 taught by Professor Tan during the Spring '10 term at Singapore Institute of Management.

Page1 / 33

Seminar3_2010 - Seminar 3 Public Public-Key Cryptography...

This preview shows document pages 1 - 9. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online