Message Authentication Codes CSCI 5857: Encoding and Encryption.


Outline
Message Authentication Code
Adding a key to an existing hash function
– Prefix/postfix MAC
– Nested MAC
– HMAC algorithm
Creating a MAC using a block cipher (CMAC)
Combining confidentiality and information integrity

3 Digests and Networks
Same hash applied to message by sender and recipient
– Sender creates digest and sends along with message
– Recipient creates digest from received message, and compares to received digest
– If no match, message has been tampered with en route

4 Digests and Networks
Problem: Adversary can easily intercept digest and change it to match new message
– Must assume adversary knows hash function we use!

5 Message Authentication Codes
Using secret key to create digest
– Creates MAC as h(M, k)
– Without k, Darth can’t substitute M and then duplicate the h(M, k) that recipient will use to check message integrity
– k must be large enough to prevent exhaustive search

6 Prefix/Postfix MAC
Key = “extra bits” at beginning or end of message
h(M, k) = h(M | k) or h(k | M)
Hash algorithm used must have strong “avalanche effect”
– Changing few bits at beginning/end changes most bits of MAC even if rest of message is the same
– Better if key “spread out” over message rather than at known fixed location

7 Nested MAC
Hashing applied multiple times
– Concatenate key with message: k | M
– Run through hash: h(k | M)
– Concatenate key again: k | h(k | M)
– Run through hash again: MAC = h(k | h(k | M))
Changes in key have greater avalanche effect on final MAC

8 Hashed MAC (HMAC)
2-stage nested MAC
Different “round keys” generated for each hash
– Stage 1: k1 = k ⊕ ipad
– Stage 2: k2 = k ⊕ opad

9 Hashed MAC (HMAC)
Stage 1: k1 = k ⊕ ipad
– Key k padded out to b bits with extra 0’s
– ipad = … repeated to b bits
Stage 2: k2 = k ⊕ opad
– opad = … repeated to b bits
Key idea: ipad and opad differ in half of possible bits ⇒ k1 and k2 will differ very greatly
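The two-stage construction from slides 8 and 9, written out as an added example (not part of the original slides) and checked against Python's standard `hmac` module. The pad bytes 0x36 and 0x5C and the rule for over-long keys are taken from RFC 2104, since the slide text elides them; the function names are chosen here.

```python
import hashlib
import hmac

IPAD = 0x36  # inner pad byte per RFC 2104, repeated to the hash block size b
OPAD = 0x5C  # outer pad byte per RFC 2104


def hmac_two_stage(key: bytes, msg: bytes, hash_name: str = "sha256") -> bytes:
    """HMAC built directly from the slide's stages: h(k2 | h(k1 | M))."""
    def h(data: bytes) -> bytes:
        return hashlib.new(hash_name, data).digest()

    b = hashlib.new(hash_name).block_size   # b in bytes (64 for SHA-256)
    if len(key) > b:                        # RFC 2104: hash keys longer than b first
        key = h(key)
    key = key.ljust(b, b"\x00")             # pad key out to b with extra 0's
    k1 = bytes(x ^ IPAD for x in key)       # stage 1 round key
    k2 = bytes(x ^ OPAD for x in key)       # stage 2 round key
    return h(k2 + h(k1 + msg))


def pad_bit_difference() -> float:
    """Fraction of bit positions in which ipad and opad differ."""
    return bin(IPAD ^ OPAD).count("1") / 8


def verify(key: bytes, msg: bytes, tag: bytes) -> bool:
    """Recipient-side check; compare_digest avoids leaking the mismatch position."""
    return hmac.compare_digest(hmac_two_stage(key, msg), tag)
```
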

10 Chained MAC (CMAC)
“Hashless” MAC
– Uses an encryption algorithm (DES, AES, etc.) to generate MAC

11 Chained MAC (CMAC)
Based on same idea as cipher block chaining
– Message broken into N blocks
– Each block fed into an encryption algorithm with key
– Result XOR’d with next block before encryption to make final MAC depend on all blocks
Compresses result to size of single block (unlike encryption)

12 Chained MAC (CMAC)
Final stage uses “additional key”
– Derived from cipher key but hides relationship to key:
  Encrypting all 0’s
  Multiplying by x or x^2 over GF(2^n)

13 Chained MAC (CMAC)
Additional key XOR’d with final block
Crucial to use different key for last XOR
– Avoids differential cryptanalysis of 2 messages with same beginning
MAC = leftmost n bits of result
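The steps on slides 11 to 13, as an added example that is not part of the original slides: subkey derivation by multiplying E_k(0) by x and x^2, CBC-style chaining, and the final-block XOR. The 0x87 reduction constant and the 10…0 padding rule come from NIST SP 800-38B / RFC 4493, not from the slides; `standin_cipher` is a constructed substitute for the block cipher so the code runs with the standard library only.

```python
import hashlib
import hmac

BLOCK = 16   # block size in bytes (n = 128 bits)
RB = 0x87    # reduction constant for GF(2^128), per NIST SP 800-38B


def times_x(block: bytes) -> bytes:
    """Multiply a 128-bit value by x in GF(2^128): shift left, reduce on carry."""
    v = int.from_bytes(block, "big") << 1
    if v >> 128:                         # top bit shifted out: reduce
        v = (v & ((1 << 128) - 1)) ^ RB
    return v.to_bytes(BLOCK, "big")


def subkeys(encrypt_block):
    """K1 = L*x and K2 = L*x^2, where L = E_k(all-zero block)."""
    k1 = times_x(encrypt_block(bytes(BLOCK)))
    return k1, times_x(k1)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(a, b))


def cmac(encrypt_block, msg: bytes, tag_len: int = BLOCK) -> bytes:
    k1, k2 = subkeys(encrypt_block)
    blocks = [msg[i:i + BLOCK] for i in range(0, len(msg), BLOCK)] or [b""]
    last = blocks.pop()
    if len(last) == BLOCK:
        last = xor(last, k1)             # complete final block: XOR with K1
    else:                                # short final block: pad 10...0, XOR with K2
        last = xor((last + b"\x80").ljust(BLOCK, b"\x00"), k2)
    state = bytes(BLOCK)
    for blk in blocks + [last]:          # chaining: only the last output is kept
        state = encrypt_block(xor(state, blk))
    return state[:tag_len]               # MAC = leftmost bits of the result


def standin_cipher(key: bytes):
    """Constructed stand-in for E_k (NOT AES, not invertible): truncated HMAC-SHA256."""
    return lambda block: hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


# L = AES-128(K, 0^128) as published in the RFC 4493 test vectors
RFC4493_L = bytes.fromhex("7df76b0c1ab899b33e42f047b91b546f")
```

Using separate subkeys K1 and K2 keeps a 15-byte message and the 16-byte message that equals its padded form from producing the same tag.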

14 Chained MAC (CMAC)
Advantages:
– Can use existing encryption functions
– Encryption functions have properties that resist preimage and collision attacks
  Ciphertext designed to appear like “random noise” – good approximation of random oracle model
  Most exhibit strong avalanche effect – minor change in message gives great change in resulting MAC
Disadvantage:
– Encryption algorithms (particularly when chained) can be much slower than hash algorithms

15 Message Integrity and Confidentiality
Can encrypt and hash message with different keys
– Hash plaintext before encryption
– Hash ciphertext after encryption
  Allows authentication to take place without decryption (usually much faster)