Message Authentication

Message authentication guarantees the authenticity and integrity of a message by ensuring that:

• A message hasn’t been altered (either maliciously or accidentally) during transmission.

• A message isn’t a replay of a previous message.

• The message was sent from the origin stated (not a forgery).

• The message is sent to the intended recipient.

Checksums, CRC-values, and parity checks are examples of basic message authentication and integrity controls. More advanced message authentication is performed by using digital signatures and message digests.

 Instant Answer   Digital signatures and message digests are used for message authentication.

Digital signatures

The Digital Signature Standard (DSS), published by NIST in Federal Information Processing Standard (FIPS) 186-1, specifies two acceptable algorithms in its standard: the RSA Digital Signature Algorithm and the Digital Signature Algorithm (DSA, which is based on a modified El Gamal algorithm). Both algorithms use the SHA-1 Secure Hash Algorithm, which we discuss in the upcoming section “SHA-1.”

A digital signature is a simple way to verify the authenticity (and integrity) of a message. Instead of encrypting a message with the intended receiver’s public key, the sender encrypts it with his own private key. The sender’s public key properly decrypts the message, authenticating the originator of the message. This is known as an open message format in asymmetric key systems, which we discuss earlier in the section “Asymmetric key cryptography.”

However, it’s often impractical to encrypt a message with the receiver’s public key to protect confidentiality, and then encrypt the entire message again by using the sender’s private key to protect authenticity and integrity. Instead, a representation of the encrypted message is encrypted with the sender’s private key to produce a digital signature. The intended recipient decrypts this representation by using the sender’s public key, and then independently calculates the expected results of the decrypted representation by using the same, known one-way hashing algorithm. Read more about this in the upcoming section “Message digests.” If the results are the same, the integrity of the original message is assured. This representation of the entire message is known as a message digest.

Message digests

To digest means to reduce or condense something, and this is precisely what a message digest does. (Conversely, indigestion means to expand, as in gases . . . how do you spell relief?). A message digest is a condensed representation of a message; think Reader’s Digest. Ideally, a message digest has the following properties:

• The original message can’t be re-created from the message digest.

• Finding a message that produces a particular digest shouldn’t be computationally feasible.

• No two messages should produce the same message digest.

• The message digest should be calculated by using the entire contents of the original message - it shouldn’t be a representation of a representation.

Message digests are produced by using a one-way hash function. There are several types of one-way hashing algorithms (digest algorithms), including MD5, SHA-1, and HMAC.

 Warning   A collision results when two messages produce the same digest or when a second message produces the same digest as a different message.

 Remember   A one-way function ensures that the same key can’t encrypt and decrypt a message in an asymmetric key system. One key encrypts the message (produces ciphertext), and a second key (the trapdoor) decrypts the message (produces plaintext), effectively reversing the one-way function. Its purpose is to ensure confidentiality.

A one-way hashing algorithm produces a hashing value (or message digest) that can’t be reversed; that is, it can’t be decrypted. In other words, no trap-door exists for a one-way hashing algorithm. The purpose of a one-way hashing algorithm is to ensure integrity and authentication.

MD5

MD5 is a one-way hash algorithm developed by Ronald Rivest in 1991. It is actually part of a family of digest algorithms developed by Ronald Rivest beginning with MD. After some limited success with MD, individual variations were created, beginning with MD2. MD2 produced a 128-bit digest and was used extensively for many years; eventually, flaws were found and a new replacement was needed. MD3 was never taken seriously, and after a very short period in the limelight, MD4 was quickly exploited. However, unlike any of its predecessors, MD5 is strong, fast, and resilient, and is one of the most popular hashing algorithms in use today. MD5 takes a variable size input (message) and produces a fixed-size output (128-bit message digest). Messages are processed in 512-bit blocks using four rounds of transformation.

SHA-1

SHA-1 (Secure Hash Algorithm) functions very similar to MD5. In fact, Ronald Rivest was instrumental in its design. Like MD5, SHA-1 takes a variable size input (message) and produces a fixed-size (160-bit message digest versus MD5’s 128-bit message digest). SHA-1 processes messages in 512-bit blocks and adds padding to a message length, if necessary, to produce a total message length that’s a multiple of 512.

HMAC

The Hashed Message Authentication Code (or Checksum) (HMAC) further extends the security of the MD5 and SHA-1 algorithms through the concept of a keyed digest. HMAC incorporates a previously shared secret key and the original into a single message digest. Thus, even if an attacker intercepts a message, modifies its contents, and calculates a new message digest, the result won’t match the receiver’s hash calculation because the modified message’s hash doesn’t include the secret key.

 Instant Answer   MD5, SHA-1, and HMAC are all examples of message authentication algorithms.