9 - Message Authentication Code

Question 1

MesAuthCodes protect from

Answer 1

• Impersonation (both in creation and acknowledgement)
• Content modification
• TIming modification

Question 2

Authentication (Message)

Answer 2

Guarantee that a message originates from the claimed sender, unmodified and at the stated time

Question 3

Auth schemes using public keys vs secret

Answer 3

Public key: Digitial signature
Secret: MAC

Question 4

Process of MAC computation

Answer 4

A:
1. Message m
2. Use some MAC algotrithm with m and k
3. Send m and MAC to B

B:
1. Receive message m
2. Use MAC algo with m and k
3. Compare to received MAC.

Question 5

MAIN idea of MAC

Answer 5

Concatenate key and message then hash. Result is MAC.

In CBC the end block is kept for MAC and this is most likely to have changed

Question 6

GCM - Galois Counter mode

Answer 6

Provides a MAC as part of authenticated encryption

Encrypt in counter mode
Compute a MAC of ciphertext using GHASH

Question 7

Authenticated Encryption

Answer 7

Encryption and authentication are now designed together

Question 8

TImestamp method of authenticating message time

Answer 8

include the timestamp in the message before the whole is authenticated

Question 9

Challenge and response

Answer 9

Generate random number
Send to server
“When you reply add this number also”
server replies with number on next message