Real protocol designs combine the properties in


Computer Networks 12/3/13

[Figure: hash function diagram. Labels: input "…tiny bit sick of networks…", hash function (e.g., SHA1), output hash (160 bits)]

MAC (Message Authentication Code)
•  MAC is a small token to validate the integrity/authenticity of a message
   –  Send the MAC along with message
   –  Validate MAC, process the message
   –  Example: HMAC scheme

[Figure: Alice sends Message + MAC to Bob]

MAC (2)
•  Kind of symmetric encryption operation – key is shared
   –  Lets Bob validate unaltered message came from Alice
   –  Doesn’t let Bob convince Charlie that Alice sent the message

[Figure: Alice generates a MAC over the message "I♥networks" with secret key $K_{AB}$; Bob validates it with the same secret key $K_{AB}$]

Digital Signature
•  Signature validates the integrity/authenticity of a message
   –  Send it along with the message
   –  Lets all parties validate
   –  Example: RSA signatures

[Figure: Alice sends Message + Signature]

Digital Signature (2)
•  Kind of public key operation – public/private key parts
   –  Alice signs with private key, $K_A^{-1}$, Bob verifies with public key, $K_A$
   –  Does let Bob convince Charlie that Alice sent the message

[Figure: Alice signs the message "I♥networks" with Alice’s private key $K_A^{-1}$; Bob verifies the signature with Alice’s public key $K_A$]

Preventing Replays
•  We normally want more than confidentiality, integrity, and authenticity for secure messages!
   –  Want to be sure message is fresh
•  Don’t want to mistake old message for a new one – a replay
   –  Acting on it again may cause trouble

Preventing Replays (2)
•  Replay attack:
   –  Trudy records Alice’s messages to Bob
   –  Trudy later replays them (unread) to Bob; she pretends to be Alice

Hi Al...
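The MAC slides and the freshness point from the replay slides, worked through as an added example (not part of the original slides). It assumes HMAC-SHA256 from Python's standard library as the HMAC scheme; the key and the message texts are constructed sample values, and the function names are this example's own.

```python
import hashlib
import hmac
import secrets

# Constructed sample key standing in for the shared secret K_AB.
K_AB = secrets.token_bytes(32)


def generate_mac(key: bytes, message: bytes) -> bytes:
    """Alice's side: HMAC-SHA256 tag sent along with the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def validate_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Bob's side: recompute the tag and compare in constant time."""
    return hmac.compare_digest(generate_mac(key, message), tag)


def demo() -> dict:
    message = "I♥networks".encode("utf-8")
    tag = generate_mac(K_AB, message)  # Alice -> Bob: (message, tag)

    results = {
        # The unaltered message validates.
        "unaltered": validate_mac(K_AB, message, tag),
        # Any change to the message in transit invalidates the tag.
        "altered": validate_mac(K_AB, b"I hate networks", tag),
        # A party holding a different key cannot validate the tag.
        "wrong_key": validate_mac(secrets.token_bytes(32), message, tag),
        # The same (message, tag) pair delivered a second time still
        # validates: the MAC alone says nothing about freshness.
        "second_delivery": validate_mac(K_AB, message, tag),
    }

    # Bob holds K_AB too, so he can compute a valid tag for text Alice never
    # sent. A tag therefore cannot show Charlie which of the two produced it.
    bob_text = b"Alice owes Bob lunch"
    results["bob_made_tag_validates"] = validate_mac(
        K_AB, bob_text, generate_mac(K_AB, bob_text))
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The last result is the reason a MAC gives integrity and authenticity between the two key holders but not proof to a third party, which is what the signature slides address with a private key only Alice holds.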