Post on 20-Oct-2015
description
transcript
DEPARTMENT OF COMPUTER TECHNOLOGY,
YCCE, NAGPUR
VIII-SEMESTERNETWORK SECURITY
1
UNIT NO.4
B. L. PARNEAsst. Prof.
CT Department
UNIT 3:- SYLLABUS
DTEL
.
Message Authentication and Hash Function1
Authentication Requirement2
Authentication Function Code3
Hash Functions and it’s Security4
2
SHA-1, RIPEMD-160, HMAC5
B. L. Parne
Digital Signature Standard, Authentication Protocol 6
Background :
DTEL
3
3
The cryptography systems that we have studied so far provide secrecy, or confidentiality, but not integrity.
However, there are occasions where we may not even need secrecy but instead must have integrity.
B. L. Parne
Background :
DTEL
4
4
• Message authentication is a mechanism or
service used to verify the integrity of message.
• Message authentication assures that data
received are exactly as sent by (no
modification, insertion, deletion or reply)
sender.
B. L. Parne
Document and Fingerprint :
DTEL
5
5
• One way to preserve the integrity of a document is through the use of a fingerprint. If Alice needs to be sure that the contents of her document will not be changed, she can put her fingerprint at the bottom of the document.
B. L. Parne
Message and Message Digest :
DTEL
6
6
• The electronic equivalent of the document and fingerprint pair is the message and digest pair.
B. L. Parne
Difference :
DTEL
7
7
• The two pairs (document / fingerprint) and (message
/ message digest) are similar, with some differences.
• The document and fingerprint are physically linked
together.
• The message and message digest can be unlinked
separately, and, most importantly, the message
digest needs to be safe from change.
B. L. Parne
Checking Integrity :
DTEL
8
8
• Run the cryptographic hash function again and compare the new message digest with previous one.
B. L. Parne
Cryptographic Hash Function Criteria :
DTEL
9
9
• Pre-image resistance: Means that it must be extremely hard for intruder to create any message from the digest.
• Second Pre-image resistance: Ensures that if intruder has a message and the corresponding digest, he should not be able to create second message whose digest is same as the first.
• Collision Resistance: Ensures that intruder cannot find two messages that hash to same digest.
B. L. Parne
Authentication Requirements :
DTEL
10
10
• Disclosure
• Traffic analysis
• Masquerade
• Content modification
• Sequence modification
• Timing modification
• Source repudiation
• Destination repudiation
B. L. Parne
Authentication Function:
DTEL
11
11
• Message Encryption : The ciphertext of the entire
message serves as its authenticator.
• Message Authentication Code : A function of the
message and a secret key that produces a fixed
length value that serves as authenticator.
• Hash Function : A function that maps a message of
any length into a fixed length hash value, which
serves as the authenticator.
B. L. Parne
Message Encryption:
DTEL
12
12
• Symmetric (Private key) Encryption
• Asymmetric (Public key) Encryption
B. L. Parne
Message Authentication :
DTEL
13
13
• A message digest does not authenticate the sender of the message.
• To provide message authentication, Alice needs to provide proof that it is Alice sending the message and not an impostor.
• The digest created by a cryptographic hash function is normally called a modification detection code (MDC).
• What we need for message authentication is a message authentication code (MAC).
B. L. Parne
Modification Detection Code :
DTEL
14
14B. L. Parne
Modification Authentication Code :
DTEL
15
15B. L. Parne
The security of a MAC depends on the security of the underlying hash algorithm.
Security of MAC :
DTEL
16
16
• Suppose Eve has intercepted the message M and the
digest h(K/M). There are three possible way to forge
a message without knowing the secret key :
– If the size of key allow exhaustive search.
– By applying preimage attack until Eve will find X such
that h(X) is equal to MAC she has intercepted.
– Given some pairs of messages and their MAC’s, Eve can
manipulate them to come up with new message and its
MAC.
B. L. Parne
Nested MAC :
DTEL
17
17B. L. Parne
HMAC Design Objective :
DTEL
18
18
• To allow easy replace-ability of the embedded hash
function in case faster or more secure hash function
are found or required.
• To use and handle keys in a simple way.
• To preserve the original performance of the hash
function without incurring a significant degradation.
• To use without modifications, available hash
functions.
B. L. Parne
HMAC :
DTEL
19
19B. L. Parne
CMAC :
DTEL
20
20B. L. Parne
DTEL
References Books:
Cryptography and Network Security Principles and Practices , 4/e, by William Stallings (Pearson Edu Asia).
Cryptography and Network Security, 2/e by Behrouz A. Forouzan, The McGraw-Hill Publication.
Networks Security Essentials, Applications and Standards,4/e by William Stalling (Pearson Edu).
https://www.dropbox.com/s/467ms83kfdy9f90/Cryptography%20and%20Network%20Security%20Principles%20and%20Practices%2C%204th%20Ed%20-%20William%20Stallings.pdf
21