9 - Message Authentication Code Flashcards
Message Authentication Codes protect from
- Impersonation (both in creation and acknowledgement)
- Content modification
- Timing modification
Authentication (Message)
Guarantee that a message originates from the claimed sender, unmodified and at the stated time
Auth schemes using public keys vs secret
Public key: Digital signature
Secret: MAC
Process of MAC computation
A:
1. Message m
2. Use some MAC algorithm with m and k
3. Send m and MAC to B
B:
1. Receive message m
2. Use MAC algo with m and k
3. Compare to received MAC.
MAIN idea of MAC
Concatenate key and message then hash. Result is MAC.
In CBC the final block is kept as the MAC, as this is the block most likely to have changed
GCM - Galois/Counter Mode
Provides a MAC as part of authenticated encryption
Encrypt in counter mode
Compute a MAC of ciphertext using GHASH
Authenticated Encryption
Encryption and authentication are now designed together
Timestamp method of authenticating message time
Include the timestamp in the message before the whole is authenticated
Challenge and response
Generate random number
Send to server
“When you reply add this number also”
Server replies with number on next message