Chapter 11: Message Authentication and Hash Functions

Questions and Answers

What is the purpose of appending an error-detecting code to a message before encryption?

• To provide an additional layer of encryption
• To enhance the confidentiality of the message
• To detect any corruption during transmission (correct)
• To ensure that the ciphertext decrypts to intelligible plaintext

Which of the following best describes a frame check sequence (FCS)?

• A secret code known only to the sender
• A cryptographic key used for encryption
• A fixed-size block of data for message verification
• An appended code for error detection (correct)

What happens if the calculated FCS does not match the incoming FCS at the receiving end?

• The transmission is considered successful
• The message is decrypted successfully
• The frame is discarded (correct)
• The message is assumed to be authentic

What type of key is used in Message Authentication Code (MAC)?

A shared secret key (D)

In what order should the FCS and encryption functions be performed for effective error detection?

Adding FCS first, then encryption (A)

Which of the following is NOT a classification mentioned for methods of authentication?

Public key infrastructure (B)

What is the main goal of symmetric encryption in relation to data?

To offer authentication and confidentiality (A)

Which of the following describes a scenario that might require an authentication function?

Transmitting data across an unsecured network (B)

What is the primary purpose of message authentication?

To verify the integrity and source of messages (C)

Which of the following is NOT a kind of attack in the context of network communication?

Data encryption (B)

What mechanism serves as a function to verify the authenticity of a message?

Message Authentication Code (MAC) (D)

How does a digital signature help in communication?

It counters repudiation by the source (D)

Which class of functions is used to produce an authenticator in message authentication?

Message encryption (C)

What assurance does message authentication provide regarding the message?

The message originates from the alleged sender and remains unaltered (D)

What characteristic does the terminology 'repudiation' refer to in the context of digital signatures?

The ability to deny sending a message (A)

What is a primary function of the lower level in the authentication process?

To produce an authenticator value (B)

What is the primary purpose of a hash function?

To map messages of any length into a fixed-length hash value (B)

Which statement accurately describes symmetric encryption?

It requires a shared secret key for both encryption and decryption. (D)

How does symmetric encryption provide confidentiality?

By encrypting the message with a secret key that only sender and receiver share. (B)

What role does public-key encryption serve?

It uses mathematically linked public and private keys for secure communication. (C)

What is required for symmetric encryption to assure the recipient of a message's origin?

Recognition of the plaintext format. (B)

What must a message include to verify its integrity before decryption in symmetric encryption?

A shared secret key and recognizable structure. (D)

Which of the following statements about authentication using symmetric encryption is true?

Authentication is achieved as the recipient knows the message came from the sender with the key. (D)

What typically distinguishes well-formed legitimate plaintext from meaningless random bits in symmetric encryption?

Readable organizational format and checksums. (C)

What is the primary purpose of a Message Authentication Code (MAC)?

To ensure the message is unaltered and from the sender (C)

In the MAC process, what role does the shared secret key (K) play?

It helps generate the MAC from the input message (C)

Which of the following statements is true concerning the MAC process?

The MAC does not provide confidentiality (B)

What happens if the received MAC does not match the calculated MAC at the recipient's end?

The message is assumed to be altered or from an impostor (C)

How can confidentiality be obtained while using a MAC?

By encrypting the message either before or after generating the MAC (C)

Which of the following accurately describes the relationship between the MAC and the input message?

The MAC is generated as a function of both the key and the input message (B)

Which method of MAC application is generally preferred for message authentication?

Generating the MAC first, then encrypting (A)

What is NOT a basic assurance provided by a MAC?

The message is kept confidential (B)

Flashcards

Message Authentication

Ensuring a message originates from the claimed sender and hasn't been altered during transmission.

Digital Signature

A technique to verify a message's authenticity and prevent the sender from denying sending it.

Disclosure Attack

An attack where an unauthorized party intercepts and reads a message.

Traffic Analysis Attack

An attack where an attacker analyzes network traffic patterns to infer information about communication.

Masquerade Attack

An attack where an unauthorized party impersonates a legitimate sender.

Content Modification Attack

An attack where an attacker alters the content of a message.

Message Authentication Code (MAC)

A piece of data used to authenticate a message, derived from the message and a secret key.

Message Encryption as Authentication

Using encryption to secure a message, where the ciphertext itself acts as an authenticator.

Internal Error Control

A technique that appends an error-detecting code (FCS) or checksum to a message before encryption, ensuring data integrity and authenticity.

What is a cryptographic checksum or MAC?

A cryptographic checksum or MAC generated using a shared secret key, appended to a message to verify its authenticity.

How does MAC work?

A shared secret key is used to generate a fixed-size block of data called a MAC, which is appended to the message. Both sender and receiver have the same secret key.

What is the role of checksum or FCS in message authentication?

Adding a checksum or FCS to a message before encryption to ensure data integrity. This involves applying a function to the message and appending the result.

What is the difference between internal and external error control?

Internal error control is performed before encryption, while external error control is done after encryption.

How does message authentication work?

A process where a function is applied to the message before or after encryption to produce a unique signature. The signature can be used to authenticate the message.

Hash Function

A function transforming any length input into a fixed-length output, ensuring authenticity. It's like a fingerprint for a message.

Symmetric Encryption for Authentication

Symmetric encryption protects data confidentiality while also verifying the sender's identity. Both sender and receiver use the same private key for encrypting and decrypting.

Think of a lock where only one key unlocks a box, demonstrating confidentiality and authentication.

Public-key Encryption for Authentication

Public-key encryption can authenticate messages by guaranteeing that only the intended recipient can decrypt and read the message. Think of having two keys, one public for anyone to lock a box and one private for only you to unlock it.

Symmetric Encryption: Authentication & Confidentiality

Symmetric encryption protects data confidentiality while also verifying the sender's identity. Both sender and receiver use the same private key for encrypting and decrypting.

Think of a lock where only one key unlocks a box, demonstrating confidentiality and authentication.

Symmetric Encryption: Plaintext Structure

Symmetric encryption often relies on recognizable patterns in the plaintext, like ASCII text, checksums, or layered protocols, for authentication. It needs a structure to distinguish valid messages from random bits.

Think of how a lock needs a specific key shape to unlock a box, ensuring the right key is used.

Authentication through Shared Keys

In a message sent between A and B, the receiver, B, can be confident it originated from A because only A has access to the shared secret key, K.

Imagine only you and a friend have a key to a chest: only they could have opened it.

Checksum for Authentication

A checksum, often a numerical value, is appended to a message to verify its integrity. It acts like a simple fingerprint, allowing the receiver to detect any alterations.

Think of generating a unique number for a bank transfer, verifying both sender and amount.

What is a Message Authentication Code (MAC)?

A fixed-size block of data generated from a message and a secret key, used to verify message authenticity and integrity.

What is a MAC function?

A cryptographic function that uses a secret key to create a MAC, ensuring the message's integrity and authenticity.

How is a MAC used in message authentication?

The message plus MAC are sent to the receiver, who then performs the MAC calculation on the received message using the same key. If the calculated MAC matches the received MAC, it confirms message authenticity and integrity.

What assurance does a MAC provide regarding message integrity?

Assures that the message hasn't been modified during transit. Think of it as ensuring the message is the same as what the sender initially sent.

What assurance does a MAC provide regarding message origin?

A MAC verifies the message's origin, ensuring it's actually from the claimed sender. This helps prevent someone from impersonating the rightful sender.

How can MACs be used with encryption?

MACs can be used in conjunction with encryption to provide both authentication and confidentiality. For example, the MAC can be calculated on the plaintext and then concatenated to the ciphertext.

How does a MAC differ from encryption?

While similar to encryption, MAC algorithms don't need to be reversible. This means the MAC can be easily generated but not used to recover the original message.

What are some applications of MACs?

MACs are used in various applications, including secure communication protocols, data integrity checks, and digital signatures.

Study Notes

Chapter 11: Message Authentication and Hash Functions

• Message authentication is a process to verify received messages' origin and ensure no alterations. It can also check sequencing and timeliness.
• Attacks on network communication include disclosure, traffic analysis, masquerade, content modification, sequence modification, timing modification, source repudiation, and destination repudiation. These attacks affect confidentiality and message authenticity.
• Digital signatures are authentication techniques that prevent repudiation (the denial of sending a message). Their purpose is verifying documents and data, preventing tampering and forgery.

Authentication Requirements

• Multiple attacks can affect network communications, including disclosure, traffic analysis, masquerade, and content tampering. These attacks compromise confidentiality, message authentication, and digital signatures, leading to issues in network security.
• Specialized digital signatures address issues like source and destination repudiation, crucial for authenticity in secure communication.

Authentication Functions

• Message authentication or digital signature mechanisms can be seen as having two levels. Lower-level functions produce an authenticator which is used in higher-level protocols.
• There are three classes of functions used to produce authenticators: message encryption, message authentication code (MAC), and hash functions.
• Message encryption: The ciphertext itself can act as an authenticator. Encryption ensures confidentiality, but it does not guarantee message authenticity by itself—the key must be shared securely.
• A MAC (Message Authentication Code) is a short piece of information appended to a message, verified by the recipient. The MAC's fixed length is dependent on the algorithm and secret key. A MAC function is used to produce an authenticator with a fixed-length output. A sender and receiver need to share a secret key for this function to work.
• Hash functions are one-way transformations that produce an output based on the input message without needing a shared key. This output can be used for creating a message digest or checksum verifying message integrity.

Message Encryption

• Symmetric encryption: The same secret key is used for encryption and decryption, both by the sender and recipient. This ensures confidentiality and a form of authentication. It requires a recognizable plaintext or structure to distinguish legitimate text.
• Public-key cryptography (asymmetric encryption): Different keys are used for encryption and decryption (public and private). This offers confidentiality, authentication, and digital signatures while needing less key management than symmetric encryption.

Basic Uses of Message Encryption

• Diagrams illustrate symmetric and asymmetric (public-key) encryption in different scenarios (confidentiality, authentication, digital signatures).

Symmetric Encryption

• A message transmitted uses a secret key shared by both sender and receiver.
• If no other parties know the key, confidentiality is ensured.
• The message origin is certain because only the sender holds the matching key.
• This approach provides authentication.
• Symmetric encryption may require extra structures (checksums) to prevent integrity issues if plaintext is modified during transmission.

Ways of Providing Structure

• Append an error detection code (FCS or checksum) before encryption to facilitate error checking at the receiver.

Internal Error Control

• Appending an error-detecting code (e.g., checksum) to the message before encryption and calculating the code again at the receiver to verify the message's integrity.

Message Authentication Code

• Using a shared secret key to generate a fixed-size block of data that's appended to the message and verified by the recipient. This approach helps verify message origin and integrity but not message confidentiality.
• The receiver performs a calculation using the same secret key to create a new MAC to match. A match confirms the message's authenticity.

Theory of Operation

• The sender calculates the MAC using the shared secret key and sends it along with the plain message. The receiver carries out the same calculation using the key and compares it with the received MAC to verify the message's authenticity.

Why Use MACs?

• Speed and efficiency; MAC computations may be cheaper than full encryption processes.
• Usefulness in cases needing authentication without confidentiality.
• MACs are useful for protecting code or files, guaranteeing authenticity and integrity over time.

Hash Functions

• One-way hash functions take a message of any length and convert it to a fixed-size hash code. Hash codes are unique for each message, ensuring message integrity and permitting the confirmation of message changes.
• Hash functions do not need a shared key to create the hash code, contrasting with MACs, which do require a shared key for authentication.
• Hash functions can be used with encryption or a shared key for authentication purposes—they provide message integrity.
• Various uses of hash functions, such as in error control, digital signatures, and message validation, are described