Understanding Cryptography by Christof Paar and Jan Pelzl www.crypto-textbook.com These slides were prepared by Christof Paar and Jan Pelzl Chapter 12.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.
Digital Signatures and Hash Functions. Digital Signatures.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography and Network Security Chapter 11. Chapter 11 – Message Authentication and Hash Functions At cats' green on the Sunday he took the message.
Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings.
Cryptography and Network Security Chapter 12 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown/Mod. & S. Kondakci.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Lecture 2: Message Authentication Anish Arora CSE5473 Introduction to Network Security.
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.
Understanding Cryptography – A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl Chapter 10 – Digital Signatures.
Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
1 Chapter 11: Message Authentication and Hash Functions Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,
Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.
Hash and MAC Algorithms Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 12/3/2009 INCS 741: Cryptography 12/3/20091Dr. Monther Aldwairi.
EE515/IS523 Think Like an Adversary Lecture 4 Crypto in a Nutshell Yongdae Kim.
Message Authentication Code July Message Authentication Problem  Message Authentication is concerned with:  protecting the integrity of a message.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Lecture 4.1: Hash Functions, and Message Authentication Codes CS 436/636/736 Spring 2015 Nitesh Saxena.
CSCI 172/283 Fall 2010 Hash Functions, HMACs, and Digital Signatures.
Understanding Cryptography – A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl Chapter 5 – More About Block.
11.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 11 Message Integrity and Message Authentication.
Chapter 4 Message Authentication MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Understanding Cryptography by Christof Paar and Jan Pelzl These slides were prepared by Christof Paar and Jan Pelzl Chapter 8 –
A Quick Tour of Cryptographic Primitives Anupam Datta CMU Fall A: Foundations of Security and Privacy.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Modern Cryptography.
Understanding Cryptography – A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl Chapter 11 – Hash Functions.
Chapter 11 Message Authentication and Hash Functions.
Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security (CS435) Part Nine (Message Authentication)
Lecture 5.1: Message Authentication Codes, and Key Distribution
Lecture 4.1: Hash Functions, and Message Authentication Codes CS 436/636/736 Spring 2014 Nitesh Saxena.
Cryptographic Hash Functions
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 13.Message Authentication.
@Yuan Xue 285: Network Security CS 285 Network Security Message Authentication Code Data integrity + Source authentication.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
@Yuan Xue 285: Network Security CS 285 Network Security Hash Algorithm Yuan Xue Fall 2012.
Chapter 12 – Hash Algorithms
G. Pullaiah College of Engineering and Technology
Cryptographic Hash Functions
Cryptographic Hash Function
CSCE 715: Network Systems Security
Understanding Cryptography – A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl Chapter 10 – Digital Signatures.
Message Authentication and Hash Functions
Message Authentication Code
Cryptographic Hash Functions
MAC: Message Authentication Code
Chapter 11 – Message Authentication and Hash Functions
Introduction to Symmetric-key and Public-key Cryptography
Message Authentication and Hash Functions
NETW4005 COMPUTER SECURITY - A
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Lecture 4.1: Hash Functions, and Message Authentication Codes
Message Authentication Code
CRYPTOGRAPHY & NETWORK SECURITY
Presentation transcript:

Understanding Cryptography by Christof Paar and Jan Pelzl These slides were prepared by Christof Paar and Jan Pelzl Chapter 12 – Message Authentication Codes (MACs)

 Permission to use these slide is only given for courses that use the book Understanding Cryptography by Christof Paar and Jan Pelzl.  If the slides are modified, appropriate credits to the book authors must remain within the slides.  It is not permitted to reproduce parts or all of the slides in printed form whatsoever without written consent by the authors.  The slides may not be used for any non-academic courses without written consent by the authors.  Some legal stuff (sorry): Terms of Use 2/10 Chapter 12 of Understanding Cryptography by Christof Paar and Jan Pelzl

 The principle behind MACs  The security properties that can be achieved with MACs  How MACs can be realized with hash functions and with block ciphers  Content of this Chapter 3/10 Chapter 12 of Understanding Cryptography by Christof Paar and Jan Pelzl

 Similar to digital signatures, MACs append an authentication tag to a message  MACs use a symmetric key k for generation and verification  Computation of a MAC: m = MAC k (x)  Principle of Message Authentication Codes 4/10 Chapter 12 of Understanding Cryptography by Christof Paar and Jan Pelzl

1. Cryptographic checksum A MAC generates a cryptographically secure authentication tag for a given message. 2. Symmetric MACs are based on secret symmetric keys. The signing and verifying parties must share a secret key. 3. Arbitrary message size MACs accept messages of arbitrary length. 4. Fixed output length MACs generate fixed-size authentication tags. 5. Message integrity MACs providemessage integrity: Any manipulations of a message during transit will be detected by the receiver. 6. Message authentication The receiving party is assured of the origin of the message. 7. No nonrepudiation Since MACs are based on symmetric principles, they do not provide nonrepudiation.  Properties of Message Authentication Codes 5/10 Chapter 12 of Understanding Cryptography by Christof Paar and Jan Pelzl

 MAC is realized with cryptographic hash functions (e.g., SHA-1)  HMAC is such a MAC built from hash functions  Basic idea: Key is hashed together with the message  Two possible constructions: secret prefix MAC: m =MAC k (x) = h(k||x) secret suffix MAC: m =MAC k (x) = h(x||k)  Attacks: secret prefix MAC: Attack MAC for the message x = (x 1,x 2,...,x n,x n+1 ), where x n+1 is an arbitrary additional block, can be constructed from m without knowing the secret key secret suffix MAC: find collision x and x O such that h(x) = h(x O ), then m = h(x||k) = h(x O ||k)  MACs from Hash Functions 6/10 Chapter 12 of Understanding Cryptography by Christof Paar and Jan Pelzl

 Proposed by Mihir Bellare, Ran Canetti and Hugo Krawczyk in 1996  Scheme consists of an inner and outer hash k + is expanded key k expanded key k + is XORed with the inner pad ipad = , ,..., opad = , ,..., HMAC k (x) = h[(k + ⊕ opad)||h[(k + ⊕ ipad)||x]]  HMAC 7/10 Chapter 12 of Understanding Cryptography by Christof Paar and Jan Pelzl

 MAC constructed from block ciphers (e.g. AES)  Popular: Use AES in CBC mode  CBC-MAC:  MACs from Block Ciphers 8/10 Chapter 12 of Understanding Cryptography by Christof Paar and Jan Pelzl

 MAC Generation Divide the message x into blocks x i Compute first iteration y 1 = e k (x 1 ⊕ IV) Compute y i = e k (x i ⊕ y i−1 ) for the next blocks Final block is the MAC value: m =MAC k (x) = y n  MAC Verification Repeat MAC computation (m‘) Compare results:In case m’ = m, the message is verified as correct In case m’ ≠ m, the message and/or the MAC value m have been altered during transmission  CBC-MAC 9/10 Chapter 12 of Understanding Cryptography by Christof Paar and Jan Pelzl

 MACs provide two security services, message integrity and message authentication, using symmetric techniques. MACs are widely used in protocols.  Both of these services are also provided by digital signatures, but MACs are much faster.  MACs do not provide nonrepudiation.  In practice, MACs are either based on block ciphers or on hash functions.  HMAC is a popular MAC used in many practical protocols such as TLS.  Lessons Learned 10/10 Chapter 12 of Understanding Cryptography by Christof Paar and Jan Pelzl

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.