chapter 6 Message Authentication Codes (MACs)
message secret key
A MAC requires two inputs: a ________ and a _______ ______ known only to the originator of the message and its intended recipient(s). This allows the recipient of the message to verify the integrity of the message and authenticate that the messege's sender has the shared secret key.
MAC
A single algorithm that takes in a message of any length and it gives out a tag (fixed length).
stream encryption
Advantages: Speed of transformation: algorithms are linear in time and constant in space. Low error propogation: an error in encrypting one symbol likely will not affect subsequent symbols. Disadvantages: Low diffusion: all information of a plaintext symbol is contained in a single ciphertext symbol. Susceptibility to insertions/ modifications: an active interceptor who breaks the algorithm might insert spurious text that looks authentic.
symmetric asymmetric
Difference between MACs and digital signatures ◦ MACs use a _______ key "k" for both generating the authentication tag and verifying it ◦ Digital signatures use an _______ key (public key & private key)
good
Draw CBC-MAC
good
Draw MAC diagram sender runs message through a MAC algorithm to produce a MAC data tag. message and MAC tag sent to the receiver. receiver runs message portion of the transmission through same MAC algorithm using the same key, producing a second MAC data tag. receiver then compares the first MAC tag received in the transmission to the second generated MAC tag. If identical receiver assumes message was not altered or tampered with during transmission (data integrity). ------------------------------------------- to allow the receiver to be able to detect replay attacks, message must contain data that assures that this same message can only be sent once (e.g. time stamp, sequence number or use of a one-time MAC). Otherwise an attacker could - without even understanding its content - record this message and play it back at a later time, producing the same result as the original sender
private key
Hash-based message authentication code (HMAC) provides the server and the client each with a ______ ________ that is known only to that specific server and that specific client
integrity authentication
Message ______ ◦ Alice and Bob want to be assured that any manipulations of a message x in transit are detecte Message ______ ◦ Alice wants to be assured that Bob was the originator of the message
Authenticated encryption
Provides both confidentiality and integrity.
HMAC
Stick the first key on the front of the message , hash the whole thing, then stick the second key onto it, hash it again => tag. Hash = a amesteca
GMAC
Very efficient in hardware and software ◦ Can be implemented in hardware for speeds of 10 Gbps and above ◦ Well-suited to software implementations Designed for 128-bit block ciphers Takes three values as input ◦ Key, Message to authenticate, and a Nonce ______ in practice ◦ IPSec - Authentication Header (AH) ◦ IPSec - Encapsulating Security Payload (ESP)
key message
What makes HMAC more secure than Message Authentication Code (MAC) is that the_______ and the _______ are hashed in separate steps.
Integrity
You can detect if the message received was the same one that was sent, or whether it has been modified in transit.
HMAC
______does not encrypt the message. Instead, the message (encrypted or not) must be sent alongside the ______ hash. Parties with the secret key will hash the message again themselves, and if it is authentic, the received and computed hashes will match
HMAC
a message authentication code that uses a cryptographic key in conjunction with a hash function.
Stream ciphers
convert one symbol of plaintext directly into a symbol of ciphertext.
MAC (Message Authentication Code)
cryptographic checksum on data that uses a session key to detect both accidental and intentional modifications of the data.
Block ciphers
encrypt a group of plaintext symbols as one block.
block cipher
is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data (for example, 64 contiguous bits) at once as a group rather than to one bit at a time.
stream cipher
is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time. This method is not much used in modern cryptography.
CBC MAC
iv = 0 + last block of ciphertext
checksum
mathematical value (called a checksum) that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.
CBC-MAC
technique for constructing a message authentication code from a block cipher. The message is encrypted with some block cipher algorithm in CBC mode to create a chain of blocks such that each block depends on the proper encryption of the previous block.
HMAC (hash-based MACs)
use a secret key in conjunction with a cryptographic hash function to produce a hash, have become more widely used.
HMAC
uses two passes of hash computation. The secret key is first used to derive two keys - inner and outer. The first pass of the algorithm produces an internal hash derived from the message and the inner key. The second pass produces the final ______ code derived from the inner hash result and the outer key. Thus the algorithm provides better immunity against length extension attacks.
CMAC
◦ NIST standard! ◦ Works almost exactly like CBC-MAC, except it treats the last block differently ◦ XORs one of two special values into the last block prior to the last block cipher encryption These special values are derived from the ______ key, The XORing of these values into the MAC disrupts the attacks that compromise CBC-MAC when used for messages of multiple lengths