1. Message Authentication
a. Msg is not altered
b. Msg is indeed from the alleged sender
c. Msg is has not been artifically delayed or replayed
2.Two Techniques of Authentication
a. Encrypt the whole message before sending
Msg is authentic <=> encrypted msg can be successfully decrypted
Reversable Encryption/Decryption of the whole msg is slow
b. Msg + Digest( A function of msg, f(msg) )
i. Digest = Encrypt(Msg, Key) (Digest here is also called MAC)
Sender sends Msg + Digest
Receiver regardd Msg as authentic <=> Encrypt(Msg, Key) = Digest
The encryption algorithm here needs not to be reversable
ii.Digest = Hash(Msg + SecretValue)
Sender sends Msg + Digest
Receiver regardd Msg as authentic <=> Hash(Msg + SecretValue) = Digest
3. Hash Functions
a.SHA-1: 160bits output (Not as safe as it claims. Avoid this one)
b.SHA-250, SHA-384, SHA-512: safe
c.MD5: 128bits output (Can be brutely cracked)
d.Whirpool: 512bit output. safe
100.
Java API examples
//Digest
MessageDigest md = MessageDigest.getInstance("SHA-1");
MessageDigest md = MessageDigest.getInstance("MD5");
//MAC
KeyGenerator kg = KeyGenerator.getInstance("HmacMD5");
SecretKey sk = kg.generateKey();
Mac mac = Mac.getInstance("HmacMD5");
mac.init(sk);
byte[] result = mac.doFinal(message.getBytes());