tiny bit sick of networks…

[Figure: Input → Hash function, e.g., SHA1 (160 bits) → Output]

Computer Networks, 12/3/13

MAC (Message Authentication Code)
•  MAC is a small token to validate the integrity/authenticity of a message
   –  Send the MAC along with message
   –  Validate MAC, process the message
   –  Example: HMAC scheme

[Figure: Alice sends Message and MAC to Bob]

MAC (2)
•  Kind of symmetric encryption operation – key is shared
   –  Lets Bob validate unaltered message came from Alice
   –  Doesn’t let Bob convince Charlie that Alice sent the message

[Figure: Alice generates the MAC for the message "I♥networks" with secret key K_AB; Bob validates it with the same secret key K_AB]

Digital Signature
•  Signature validates the integrity/authenticity of a message
   –  Send it along with the message
   –  Lets all parties validate
   –  Example: RSA signatures

[Figure: Alice sends Message and Signature]

Digital Signature (2)
•  Kind of public key operation – public/private key parts
   –  Alice signs with private key, K_A^-1, Bob verifies with public key, K_A
   –  Does let Bob convince Charlie that Alice sent the message

[Figure: Alice signs the message "I♥networks" with Alice’s private key K_A^-1; Bob verifies the signature with Alice’s public key K_A]

Preventing Replays
•  We normally want more than confidentiality, integrity, and authenticity for secure messages!
   –  Want to be sure message is fresh
•  Don’t want to mistake old message for a new one – a replay
   –  Acting on it again may cause trouble

Preventing Replays (2)
•  Replay attack:
   –  Trudy records Alice’s messages to Bob
   –  Trudy later replays them (unread) to Bob; she pretends to be Alice

Hi Al...
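The MAC and replay slides above, as an added Python example that is not part of the original slides: Alice generates a token with K_AB, Bob validates it before processing, and the same recorded pair is then delivered a second time. It assumes HMAC-SHA256 from the standard library; the key, the altered message and the `Receiver` class are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values (assumptions, not from the slides).
K_AB = b"constructed-key-shared-by-alice-and-bob"
MESSAGE = "I♥networks".encode("utf-8")


def generate_mac(key: bytes, message: bytes) -> bytes:
    """Sender side: HMAC-SHA256 token that travels with the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def validate_mac(key: bytes, message: bytes, mac: bytes) -> bool:
    """Receiver side: recompute the token and compare in constant time."""
    return hmac.compare_digest(generate_mac(key, message), mac)


class Receiver:
    """Bob: validates the MAC, then processes the message. No freshness check."""

    def __init__(self, key: bytes):
        self.key = key
        self.processed = []

    def receive(self, message: bytes, mac: bytes) -> bool:
        if not validate_mac(self.key, message, mac):
            return False
        self.processed.append(message)
        return True


def demo() -> dict:
    bob = Receiver(K_AB)
    mac = generate_mac(K_AB, MESSAGE)  # Alice generates with K_AB
    recorded = (MESSAGE, mac)          # what an observer on the network sees
    return {
        "unaltered": bob.receive(MESSAGE, mac),
        "altered": bob.receive(b"I hate networks", mac),
        "wrong_key": validate_mac(b"some-other-key", MESSAGE, mac),
        # Bob holds K_AB too, so he can mint the identical token himself;
        # the token therefore proves nothing to a third party such as Charlie.
        "bob_mints_same_token": generate_mac(bob.key, MESSAGE) == mac,
        # The recorded pair is still valid, byte for byte, when delivered again.
        "replayed": bob.receive(*recorded),
        "times_processed": len(bob.processed),
    }


if __name__ == "__main__":
    print(demo())
```

The `replayed` and `times_processed` results show why the slides ask for freshness on top of integrity and authenticity: the MAC alone cannot distinguish the second delivery from the first.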
