Description

Masquerade. Content alteration. Succession adjustment. Timing adjustment. Disavowal ... In the domain of message privacy, and are tended to with encryption ...

Transcripts

Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of Hash Functions and MACs

Authentication Requirements Kind of assaults (dangers) with regards to interchanges over a system Disclosure Traffic investigation Masquerade Content adjustment Sequence change Timing alteration Repudiation Measures to manage initial two assaults: In the domain of message classification , and are tended to with encryption Measures to manage things 3 through 6 Message validation Measures to manage things 7 Digital mark

Authentication Requirements Message verification A strategy to confirm that messages originate from the asserted source and have not been modified Message confirmation may likewise confirm sequencing and opportuneness Digital mark A verification method that likewise incorporates measures to counter revocation by either source or destination

Authentication Functions Authentication Functions Message confirmation or computerized signature component can be seen as having two levels At lower level: there must be some kind of capacities creating an authenticator – a worth to be utilized to verify a message This lower level capacities is utilized as primitive as a part of a more elevated amount confirmation convention

Authentication Functions Authentication Functions Three classes of capacities that might be utilized to deliver an authenticator Message encryption Ciphertext itself serves as authenticator Message verification code (MAC) An open capacity of the message and a mystery key that delivers a settled length esteem that serves as the authenticator Hash work An open capacity that maps a message of any length into an altered length hash esteem, which serves as the authenticator

Authentication Functions Message Encryption Conventional encryption can serve as authenticator Conventional encryption gives verification and additionally privacy Requires unmistakable plaintext or other structure to recognize all around shaped true blue plaintext and pointless irregular bits e.g., ASCII message, an annexed checksum, or utilization of layered conventions

Authentication Functions Basic Uses of Message Encryption

Authentication Functions Ways of Providing Structure Append a mistake identifying code (outline check arrangement (FCS)) to every message

Authentication Functions Ways of Providing Structure - 2 Suppose all the datagrams aside from the IP header is scrambled. On the off chance that a rival substituted some discretionary piece design for the scrambled TCP section, the subsequent plaintext would exclude a significant header

Authentication Functions Confidentiality and Authentication Implications of Message Encryption

Authentication Functions Message Authentication Code Uses a common mystery key to create a settled size square of information (known as a cryptographic checksum or MAC) that is attached to the message MAC = C K (M) Assurances: Message has not been modified Message is from affirmed sender Message grouping is unaltered (requires inside sequencing) Similar to encryption yet MAC calculation needs not be reversible

Authentication Functions Basic Uses of MAC

Authentication Functions Basic Uses of MAC

Authentication Functions Why Use MACs? i.e., why not simply utilize encryption? Cleartext stays clear MAC may be less expensive Broadcast Authentication of executable codes Architectural adaptability Separation of validation check from message use

Authentication Functions Hash Function Converts a variable size message M into settled size hash code H(M) (Sometimes called a message digest ) Can be utilized with encryption for verification E(M || H) M || E(H) M || marked H E( M || marked H ) gives classification M || H( M || K ) E( M || H( M || K )

Authentication Functions Basic Uses of Hash Function

Authentication Functions Basic Uses of Hash Function

Authentication Functions Basic Uses of Hash Function

MACs Message Authentication Codes MAC= C K (M) Key length necessities Sufficient key length to upset savage power assault

Hash Functions Hash Functions h = H(M) M is a variable-length message, h is an altered length hash esteem, H is a hash capacity The hash worth is affixed at the source The beneficiary verifies the message by recomputing the hash esteem Because the hash capacity itself is not thought to be mystery, some methods is required to ensure the hash esteem

Hash Functions Hash Function Requirements H can be connected to any size information square H produces settled length yield H(x) is generally simple to register for any given x H is one-way , i.e., given h, it is computationally infeasible to discover any x s.t. h = H(x) H is feebly impact safe : given x, it is computationally infeasible to discover any y x s.t. H(x) = H(y) H is firmly impact safe : it is computationally infeasible to discover any x and y s.t. H(x) = H(y)

Hash Functions Hash Function Requirements One-way property is key for verification Weak impact resistance is important to forestall imitation Strong crash resistance is vital for imperviousness to birthday assault

Hash Functions Simple Hash Functions Operation of hash capacities The information is seen as a grouping of n-bit hinders The info is prepared one piece at once in an iterative manner to create a n-bit hash capacity Simplest hash capacity: Bitwise XOR of each square C i = b i1 b i2 … b im C i = i-th bit of the hash code, 1 i n m = number of n-bit obstructs in the info b ij = i-th bit in j-th square Known as longitudinal repetition check

Hash Functions Simple Hash Functions Improvement over the simple bitwise XOR Initially set the n-bit hash worth to zero Process each progressive n-bit square of information as takes after Rotate the present hash quality to one side by one piece XOR the piece into the hash esteem

Birthday Attack Birthday Attack If the enemy can produce 2 m/2 variations of a legitimate message and an equivalent number of deceitful messages The two sets are contrasted with discover one message from every set with a typical hash esteem The legitimate message is offered for mark The fake message with the same hash quality is embedded in its place If a 64-bit hash code is utilized, the level of exertion is just on the request of 2 32 Conclusion: the length of the hash code must be generous

Birthday Attack Generating 2 m/2 Variants of Valid Messages Insert various "space-delete space" character sets between words all through the report. Varieties could then be produced by substituting "space-delete space" in chose occurrences Alternatively, basically rephrase the message however hold the significance

Security of Hash Functions and MACs Brute-Force Attack of Hash Functions Three attractive properties of hash capacities One-path : For any given code h, it is computationally infeasible to discover x s.t. H(x) = h Weak crash resistance : For any given piece x, it is computationally infeasible to discover y x s.t. H(y) = H(x) Strong crash resistance : It is computationally infeasible to discover any pair (x, y) s.t. H(y) = H(x) Brute-power assault on n-bit hash code One-way and frail impact require 2 n exertion Strong crash requires 2 n/2 exertion If solid impact resistance is required (and this is attractive for a universally useful secure hash code), 2 n/2 decides the quality of hash code against savage power assault Currently, two most famous hash codes, SHA-1 and RIPEMD-160, give a 160-piece hash code length