Chap5&6 Flashcards
How does MAC assure the receiver that the message received is not changed?
If an attacker changes the message but not the MAC, the receiver will calculate a different MAC from
the MAC received
Why can’t the attacker also change the MAC?
The symmetric key is known only to the sender and receiver
* The attacker does not have the key to calculate and replace the MAC after changing the message.
How does MAC assure the receiver the message is from the correct sender?
The symmetric key is known only to the sender and receiver.
* Only the sender is able to use the key to calculate the MAC.
How does the calculation of MAC differ from symmetric algorithm?
Symmetric algorithm: reversible, involves both encryption and decryption
* MAC: one-way (irreversible), involves only encryption
24
What is the key difference between a message digest (MD) and a message authentication code
(MAC)?
- MD provides data integrity but does not provide data origin authentication
- MAC provides both data integrity and data origin authentication
25
What are the disadvantages of using HMAC?
The biggest drawback is HMAC’s reliance on symmetric secret key
* Symmetric key exchange problem
* Multiple recipients: using multiple symmetric keys needs key management
* Multiple recipients: using single shared key has authentication problem
Can HMAC be used as a digital signature? Why?
- No.
- Both sender and receiver has the same symmetric key
