Terms

Authenicator

Additional information appended to a message to enable the receiver to verify that the message should be accepted as authentic. The authenticator may be functionally independent of the content of the message itself (e.g., a nounce or a source identifier) or it may be a function of the message contents (e.g., a hash value or a cryptographic checksum).

Birthday Attack

When short hash codes are used it is not difficult to find two messages that produce the same hash code, but have slightly different meanings - p332-333.

Birthday Paradox

Let $$P(n,k)$$ be the probability that at least one duplicate in k items exists when each item can take on one of n different values. So $$P(365,10)$$ is the probability that we have a duplicate in 10 peoples birthdays. It is easier to calculate the number of ways we can not have a duplicate $$N=365 \times 364 \times ... \times (365-k+1) = \frac{365!}{(365-k)!}$$. The number of ways with duplicates is $$N_D = (365)^k$$. Then the probability of at least one duplicate is $$1-\frac{365!}{(365-k)!(365)^k}$$

Compression Function

In the context of hash functions takes two inputs: (1) an n-bit input from the previous step called a chaining variable and a b-bit block (block of the message), and outputs a n-bit output.

Cryptographic Checksum

An authenticator that is a cryptographic function of both the data to be auth4enticated and a secret key. Also referred to as a message authentication code (MAC)

Hash Function

A function that maps a variable-length data block or message into a fixed-length value called a hash code (also referred to as a message digest).

Message Authentication

Measures to deal with (1) Masquerade Attack (2) Content Modification Attack (3) Sequence Modification Attack (4) Timing Modification Attack

Message Digest

see 339

One-way hash function

see 339

Strong/Weak collision resistance

see 339|

Review Questions

11.1 What types of attacs are addressed by message authentication?

See Message Authentication above or p 313 3-6.

11.2 What two levels of functionality comprise a message authentication ro digital signature mechanism?

  1. The lower level: some sort of function that produces an authenticator (see authenticator above).
  2. A higher level: Protocol that enables a receiver to verify the authenticity of a messege using the lower level function.

11.3 What are some approaches to producing message authentication?

  1. Message encryption
  2. Message authentication code (see above)
  3. Hash Function

11.4 When a combination of symmetric encryption and an error control code is used for message authentication, in what order must the two functions be performed?

Append the error control code to the message and then encrypt it. (P. 316)

11.5 What is a message authentication code

See Cryptographic Checksum above

11.6 What is the difference between a message authentication code and a one-way hash function?

The MAC requires a key.

11.7 In what ways can a hash value be secured so as to provide message authentication?

Encrypt it (most likely with a private key).

11.8 Is it necessary to recover the secret key in order to attack a MAC algorithm?

No, but it is similarly difficult to attacking the key and must be done online with chosen text-MAC pairs. See p 336.3.

11.9 What characteristics are needed in a secure hash function?

  1. H can be applied to a block of data of any size.
  2. H produces a fixed-length output.
  3. H(x) is relatively easy to compute for any given x, making both hardware and software implementations practical.

  4. For any given value h, it is computationally infeasible to find x such that H(x) = h. This is sometimes referred to as the one-way property.

  5. For any given block x, it is computationally infeasible to find y != x with H(y)=H(x). This is sometimes referred to as weak collision resistance.

  6. It is computationally infeasible to find any pair (x,y) such that H(x)=H(y). This is sometimes referred to as strong collisi9on resistance.

11.10 What is the difference between strong and weak collision resistance?

See above!

What is the role of a compression function in a hash function

See "Compression function" above.

Csce877Ch11Notes (last edited 2020-01-26 17:59:30 by scot)