Presentation is loading. Please wait.

Presentation is loading. Please wait.

2. Authentication & Message Authentication

Published byAde Lie Modified over 6 years ago

Similar presentations

Presentation on theme: "2. Authentication & Message Authentication"— Presentation transcript:

1 2. Authentication & Message Authentication
NETWORK SECURITY LAB Lab 2. Authentication & Message Authentication

2 What is Authentication?
• Short answer: establishes identity  Answers the question: To whom am I speaking? Long answer: evaluates the authenticity of identity proving credentials ‣ Credential – is proof of identity ‣ Evaluation – process that assessing the correctness of the association between credential and claimed identity. • Usually for a purpose • Policy driven (what constitutes a good cred.?)

3 Why Authentication? • World of rights, permissions, and duties?
Authentication establishes our identity so that we can obtain the set of rights/products and services E.g., we establish our identity with Tiffany’s by providing a valid credit card which gives us rights to purchase goods ~ physical authentication system. • Q: How does this relate to security?

4 Authentication in Computer World
The Customer and Vendor are not physically located in same place. • Prove the repudiation of what we are. – Ex: Buying something online using a credit card: – Authentication needed: • Credit Card number • CVV • OTP • Personal Details (Name, , Age, etc.,)

5 Proving Identity • How to verify “Who am I”?
• Documentary resembling proofs; – Driver’s license – Credit Card – Signature Verification – Biometric Verification

6 Proving Identity (2) • Other methods of verifying Identity are:
– Something I know • Mother’s maiden name, First school, Fav. Actor etc., – Something I have • Smart chip cards, valid photo ID cards, etc., – Something I am (Bio-Metric) • Fingerprints • Iris • Face Recognition

7 Message Authentication
• What confirms Message Authentication? – A Received message from source that claims it sent – Message that hasn’t been altered in anyway. – Message sequence is unchanged – Message timing is unchanged • Relay • Delay • Replay – Non-repudiation by sender – Non-repudiation by recevier it.

8 Authentication Functions
• Lower level Functions – Authenticator or Value – Ex: Getting an OTP or verification message • Higher level functions – Authenticator to verify authenticity of message – Ex: Getting OTP only after attempting login in bank site • Functions to produce authentication – Message Encryption (Ciphertext, AES, DES, RSA, etc) – Message Authentication Code (Checksum, MAC, etc) – Hash functions • Mapping messages to value

9 Message Authentication Code
• Also known as cryptographic checksum – MAC = CK(M) – K = Key shared between sender and receiver – CK(M) = Fixed Value authenticator • MAC is readied at source after the message is • The receiver of the message can verify the – Re-computing the MAC of the message – M = Message ready. authenticity of message by:

10 MAC is vulnerable to attacks
• Encryption in MAC – Dependent on length of the key – Brute force attacks: 2K-1 combinations of K bit key • MAC is many-to-one function.

11 MD5 – Message Digest 5 • Step 2: Append length
• Step 1: Appending padding bits – All block size are of 512bits – Padding bits: 1000…512th(0) – (Msg + pad bits + 64 bit for length) = n X 512 • Step 2: Append length • Step 3: Initialize MD Buffer • Step 4: Process message in 512 bit blocks • Step 5: output 128 bit checksum

12 MD5 – Hands-on • Refer to student lab manual for hands-on

13 Secure Hashing Algorithm (SHA)
• MD5 -Dead • SHA -1 • SHA -2 • SHA -3

14 Secure Hashing Algorithm (2)
SHA based algorithms are used for authentication. • Iterative one way hashing algorithm that process a message to produce a condensed representation called a “Message Digest” • Message digest ensures integrity: • That means if a message changes, the message digest will also change.

15 Secure Hashing Algorithm (3)

16 Why different versions of SHA?
Based on the Algorithm that is applied to the text/file the block size of the message digest will change. – Example if SHA-1 is applied the message digest will result in a 512 block OR 160 Bit – SHA-2: A family of two similar hash functions, with different block sizes, known as SHA-256 and SHA- 512. They differ in the word size; SHA-256 uses 32- bit words where SHA-512 uses 64-bit words. – SHA-3: A hash function formerly called Keccak, It supports the same hash lengths as SHA-2, and its internal structure differs significantly from the rest of the SHA family.

17 How SHA Works? • Step 1 - Preprocessing • A Two step procedure
• Based on algorithm of SHA, the initial values will also change

18 How SHA Works? (2) • Step 1.1 – Padding message
• The binary representation of the message – Message Contains 8X4=32 bits

19 How SHA Works? (3) • Remaining Steps: • Step 2: Compute Message digest
– Identify the binary value of the message after padding – Iterate the message schedule from 0-15 (based on algorithm) – Initialize the working variable with the (i-1)st hash value • Step 3: – Iterate the function for t=0 to 79 – Identify the value of ws (as defined in the secure hash standard) • Step 4: – Compute the ith value for intermediate hash value

20 Report Work • Using MD5 – Produce a checksum for:
• An image • A text file • A pdf fie – Create a text file with the checksums – Append the image, text in the file and pdf file – Produce the checksum again and submit both the checksums: before and after the changing the file.

Download ppt "2. Authentication & Message Authentication"

Similar presentations

SECURE HASHING ALGORITHM By: Ruth Betcher. Purpose: Authentication Not Encryption Authentication Requirements:  Masquerade – Insertion of message from.

SECURE HASHING ALGORITHM By: Ruth Betcher. Purpose: Authentication Not Encryption Authentication Requirements:  Masquerade – Insertion of message from.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
1 Information System Security AABFS-Jordan Summer 2006 Digital Signature and Hashing Functions Prepared by: Maher Abu Hamdeh & Adel Hamdan Supervised by:

1 Information System Security AABFS-Jordan Summer 2006 Digital Signature and Hashing Functions Prepared by: Maher Abu Hamdeh & Adel Hamdan Supervised by:
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.

1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.

Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.
Dan Johnson. What is a hashing function? Fingerprint for a given piece of data Typically generated by a mathematical algorithm Produces a fixed length.

Dan Johnson. What is a hashing function? Fingerprint for a given piece of data Typically generated by a mathematical algorithm Produces a fixed length.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
Fall 2002CS 395: Computer Security1 Chapter 11: Message Authentication and Hash Functions.

Fall 2002CS 395: Computer Security1 Chapter 11: Message Authentication and Hash Functions.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!

Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Privacy versus Authentication Confidentiality (Privacy) –Interceptors cannot read messages Authentication: proving the sender’s identity –The Problem of.

Privacy versus Authentication Confidentiality (Privacy) –Interceptors cannot read messages Authentication: proving the sender’s identity –The Problem of.
Cryptographic Hash Functions and Protocol Analysis

Cryptographic Hash Functions and Protocol Analysis
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Modern Cryptography.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Modern Cryptography.
Cryptography and Network Security (CS435) Part Nine (Message Authentication)

Cryptography and Network Security (CS435) Part Nine (Message Authentication)
© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted email that contains data specific to that recipient the data.

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

Similar presentations

Ads by Google