Chapter 11: Message Authentication and Hash Functions

Questions and Answers

What is the primary purpose of a Message Authentication Code (MAC)?

• To provide a reversible transformation on the message
• To ensure confidentiality of the message
• To encrypt the message for secure transmission
• To assure the message has not been altered and is from the alleged sender (correct)

Which formula correctly represents the relationship used to generate a MAC?

• MAC = C(K, M) (correct)
• MAC = K(M)
• MAC = CK(M)
• MAC = C(M, K)

What is the consequence if the calculated MAC does not match the received MAC?

• The message remains unchanged and valid
• The message is confirmed to be from the sender
• The message may have been altered or is from a different sender (correct)
• The same shared key can be used for verification

In which scenario is confidentiality assured when using a MAC?

When the message is encrypted before the MAC is calculated (D)

Why is it preferable to tie authentication directly to the plaintext according to the preferred methods?

To improve the reliability of the MAC process (C)

What additional measure must be taken to ensure confidentiality when using a MAC alone?

The message should not be transmitted in the clear (D)

What does the MAC function primarily verify during the message transmission process?

The integrity and sequence of the message (B)

What are the characteristics of a MAC algorithm compared to encryption?

It has no confidentiality guarantees (C)

What is the primary objective of digital signatures?

To authenticate and verify documents and data (D)

Which of the following is NOT considered an attack in the context of network communications?

Data encryption (C)

What function does a Message Authentication Code (MAC) serve?

To ensure message authenticity and integrity (A)

At what level does the authenticator function operate in the authentication protocol?

At a lower level, producing an authenticator value (B)

Which attack aims to modify the sequence of messages?

Sequence modification (C)

Which mechanism uses the ciphertext itself to serve as an authenticator?

Message encryption (D)

What does message authentication verify?

The timeliness and sequencing of messages (D)

What are the two levels viewed in the function of message authentication or digital signatures?

Lower level and higher level authentication protocol (D)

What is the primary role of a hash function?

To map messages of any length to a fixed-length hash value (D)

Which encryption method uses the same key for both encryption and decryption?

Symmetric encryption (A)

How does symmetric encryption provide authentication?

By ensuring only the sender shares the encryption key (A)

What is a key characteristic of asymmetric encryption?

Utilizes both public and private keys for secure communication (C)

What can be used in symmetric encryption to distinguish between legitimate plaintext and random bits?

Recognizable plaintext or checksums (C)

In symmetric encryption, if party A and party B share a secret key, what does this imply?

Party B can guarantee the message originated from party A (B)

What is a major limitation of symmetric encryption?

The secret key must be securely shared between parties (A)

Why is a checksum considered an authentication method in message encryption?

It verifies the integrity and origin of transmitted messages (D)

What is the purpose of appending an error-detecting code, like an FCS, to a message before encryption?

To facilitate error detection for successful transmission (A)

Which of the following describes a Message Authentication Code (MAC)?

A cryptographic checksum created using a shared secret key (D)

What happens if the FCS does not match at the destination after decryption?

The message is discarded due to possible corruption (D)

What classification describes error control methods applied internally to the communication system?

Internal error control (A)

How is the structure in the encrypted message influenced according to the content?

The plaintext should maintain a specific structure prior to encryption (C)

What is a critical factor for ensuring the successful transmission of data frames across a network?

Incorporating an error-detecting code like an FCS (C)

Which of the following statements accurately reflects the function of symmetric encryption regarding message authenticity?

It ensures both authentication and confidentiality (C)

Why might it be difficult to determine if incoming ciphertext decrypts to intelligible plaintext?

Ciphertext can appear similar regardless of content (A)

Flashcards

Disclosure

An attack that involves intercepting and reading the content of a message, violating confidentiality.

Traffic Analysis

An attack that involves monitoring network traffic patterns to gain information about communication patterns.

Masquerade

An attack where an attacker impersonates a legitimate user or entity.

Content Modification

An attack where an attacker alters the content of a message during transmission.

Message Authentication

A procedure that verifies the origin and integrity of a message. It ensures the message came from the claimed sender and hasn't been tampered with.

Digital Signature

Similar to message authentication, but offers additional protection against repudiation from the sender. It proves the sender's identity and commitment to the message.

Message Authentication Code (MAC)

A function that generates a short, fixed-length value used to authenticate a message. It's calculated based on the message content and a secret key.

Message Encryption

This class of authentication functions uses message encryption to ensure both confidentiality and authenticity. The encrypted message itself acts as the authenticator.

Hash Function

A function that converts data of any length into a fixed-length hash value used for authentication.

Symmetric Encryption

A technique that uses a secret key shared by both sender and receiver to encrypt and decrypt messages, providing both confidentiality and authentication.

Authentication

Ensuring that a message or data is genuine and comes from the expected source, preventing unauthorized modifications or impersonation.

Confidentiality

Keeping information secret and accessible only to authorized individuals, preventing unauthorized access or disclosure.

Checksum

A technique using a mathematical function to generate a unique value (checksum) for a given data block, used to ensure message integrity.

Asymmetric Encryption

A method of encryption using a pair of mathematically linked keys (public and private) where one key encrypts and the other decrypts.

How does Symmetric Encryption work?

In cryptography, a message is encrypted using a secret key shared between the sender and recipient. This key is used by both parties to encrypt and decrypt the message, ensuring confidentiality and authentication.

How does Asymmetric Encryption work?

A type of cryptographic technique that utilizes two separate keys: a public key for encryption and a private key for decryption. This ensures that only the intended recipient, possessing the private key, can decrypt the message, providing both confidentiality and authentication.

Internal Error Control

A method of ensuring message authenticity by appending a frame check sequence (FCS) or checksum to the data before encryption. The FCS is recalculated at the receiver, and a mismatch indicates a potential issue.

Frame Check Sequence (FCS)

A way to protect message integrity by adding a unique code that detects any modifications or errors during transmission, even before encryption.

Intelligibility Issue with Symmetric Encryption

A problem with symmetric encryption where automatically determining if decrypted ciphertext is valid (intelligible) can be difficult, leading to potential disruptions.

Order Importance for FCS and Encryption

This occurs when the order of applying encryption and frame check sequence (FCS) is crucial. Incorrect order can compromise authentication.

Message Encryption as an Authenticator

This refers to a form of authentication where the encrypted message itself acts as an authenticator, ensuring both confidentiality and authenticity.

Authentication using FCS

A technique that uses error-detection codes (FCS or checksum) to validate data integrity before encryption, ensuring the message hasn't been corrupted.

External Error Control (FCS)

A method of ensuring message integrity by appending a frame check sequence (FCS) to the message after encryption, providing a level of authentication. This is different from internal FCS.

What is a Message Authentication Code (MAC)?

A short, fixed-length value generated to authenticate a message.

What are the assurances provided by a MAC?

It ensures that the message has not been altered and that it came from the claimed sender.

How is a MAC calculated?

The MAC is calculated as a function of the message and a shared secret key.

How are messages transmitted with MACs?

A message and its MAC are transmitted together.

How does the receiver verify the MAC?

The receiver calculates the MAC using the received message and the shared key.

What happens if the MACs match?

If the received MAC matches the calculated MAC, the message is considered authentic.

How does MAC provide both confidentiality and authenticity?

It ensures confidentiality by encrypting the message before or after calculating the MAC.

What is the preferred method for providing both confidentiality and authenticity?

A method where the MAC is calculated and then concatenated with the encrypted message.

Study Notes

Chapter 11: Message Authentication and Hash Functions

• Message authentication is a procedure to verify that received messages originate from the claimed source and haven't been altered. It may also verify message sequencing and timeliness.
• Digital signatures are an authentication technique that also addresses source repudiation (the denial of sending the message.)
• The goal of digital signatures is to authenticate and verify documents, preventing tampering and forgery during transmission.
• Message authentication or digital signatures can be viewed as having two levels. Lower level functions produce an authenticator for use in a higher-level authentication protocol.
• Authentication functions can be categorized into three classes:
  • Message encryption: The ciphertext itself serves as the authenticator. This provides confidentiality as well as authentication. Plaintext must be recognizable. Checksums (basic or layered) or ASCII text are examples.
  • Message Authentication Code (MAC): A short piece of information appended to a message to confirm its authenticity and prevent modification. It's a function of the message and a secret key, producing a fixed-length value.
  • Hash function: A function that maps a message of any length to a fixed-length hash value. This value serves as the authenticator. Hash functions do not require keys.

Authentication Requirements

• Attacks on network communications:
  • Disclosure
  • Traffic analysis
  • Masquerade
  • Content modification
  • Sequence modification
  • Timing modification
  • Source repudiation
  • Destination repudiation
• These attacks impact confidentiality, message authentication and digital signatures, and specialized digital signatures.

Symmetric Encryption

• Symmetric encryption uses the same secret key to encrypt and decrypt data.
• Confidentiality is provided if no other party knows the key.
• Authentication is also provided because only the sender possessing the key can construct the ciphertext.
• However, a recipient using symmetric encryption cannot be assured the message wasn't forged by an unauthorized party.
• The solution is to include a checksum or frame check sequence (FCS) which must be correctly calculated both at the source and destination.
  • The order of these operations is important for internal and external FCS error control.

Message Encryption

• Symmetric encryption can be used as an authenticator as well as for confidentiality.
• Requires recognizable plaintext format or structure to distinguish between authentic and inauthentic messages.
• Public key encryption also can serve as an authenticator. It uses mathematically linked public and private keys for encrypting and decrypting.

Basic Uses of Message Encryption

• Symmetric Encryption: A sends an encrypted message to B, using a key shared by both. No one but B can decrypt the message. Ensures confidentiality and a degree of authentication.
• Public-Key Encryption(asymmetric): A uses B's public key to encrypt a message, B uses their private key to decrypt it. Ensures confidentiality but no authentication; any party could use a public key to encrypt a message and claim it originated from A.

Additional Authentication Functions

• Message Authentication Code (MAC):

  • Uses a shared secret key to generate a fixed-size block of data (MAC or checksum.)
  • This algorithm creates a small, fixed-size block.
  • Provides assurance that the message was unaltered and came from the sender. The receiver performs the same computation.
  • MAC = C_K(M) where C is a MAC function.

• Hash Function

  • A one-way hash function converts a variable-sized message into a fixed-sized hash code.
  • Unlike a MAC, a hash code does not use a key, but is a function only of the input message;
  • Used to provide message integrity.

• Hash functions can be used with encryption or a shared key for authentication. Common strategies include : -E(M || H(M)); M || E(H(M)); M || signed H; M || H(M || K); E(M || H(M || K))

Description

This quiz covers key concepts in message authentication and hash functions, focusing on procedures to verify message integrity and origin. It explores digital signatures, their role in authentication, as well as various classes of authentication functions. Prepare to test your understanding of these critical security measures in information technology.