Network Security Essentials — Notes 3. Message Authentication

1. Message Authentication

  a. Msg is not altered

  b. Msg is indeed from the alleged sender

  c. Msg has not been artificially delayed or replayed

2. Two Techniques of Authentication

   a. Encrypt the whole message before sending

        Msg is authentic <=> encrypted msg can be successfully decrypted

    
        Reversible encryption/decryption of the whole msg is slow

   b. Msg + Digest( A function of msg, f(msg) )  

       i. Digest = Encrypt(Msg, Key)   (Digest here is also called MAC)

          Sender sends Msg + Digest

          Receiver regards Msg as authentic <=>  Encrypt(Msg, Key) = Digest

      
          The encryption algorithm here does not need to be reversible

       ii. Digest = Hash(Msg + SecretValue)

          Sender sends Msg + Digest

          Receiver regards Msg as authentic <=>  Hash(Msg + SecretValue) = Digest

3. Hash Functions

   a. SHA-1: 160-bit output (not as safe as it claims; avoid this one)

   b. SHA-256, SHA-384, SHA-512: safe

   c. MD5: 128-bit output (can be cracked by brute force)

   d. Whirlpool: 512-bit output; safe

100. Java API examples

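   // Imports needed by the snippets below
   import java.nio.charset.StandardCharsets;
   import java.security.MessageDigest;
   import javax.crypto.KeyGenerator;
   import javax.crypto.Mac;
   import javax.crypto.SecretKey;

   // Digest (one variable per algorithm; getInstance throws NoSuchAlgorithmException)
   MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
   MessageDigest md5 = MessageDigest.getInstance("MD5");

   // MAC: generate a random HMAC key, then compute the MAC over the message bytes
   // (message is the String to authenticate; the charset is fixed so both sides hash the same bytes)
   KeyGenerator kg = KeyGenerator.getInstance("HmacMD5");
   SecretKey sk = kg.generateKey();
   Mac mac = Mac.getInstance("HmacMD5");
   mac.init(sk);
   byte[] result = mac.doFinal(message.getBytes(StandardCharsets.UTF_8));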
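The receiver's check from 2.b.i (recompute the MAC, compare with the received Digest), as an added example that is not part of the original notes. The class name MacVerifyDemo, the sample messages and the choice of HmacSHA256 instead of the HmacMD5 in the snippet above are assumptions of this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical demo class: sender and receiver share one secret key.
public class MacVerifyDemo {
    // Assumption: HMAC-SHA256 rather than the notes' HmacMD5.
    static final String ALG = "HmacSHA256";

    // Sender side: Digest = MAC(Msg, Key).
    static byte[] tag(byte[] key, byte[] msg) throws GeneralSecurityException {
        Mac mac = Mac.getInstance(ALG);
        mac.init(new SecretKeySpec(key, ALG));
        return mac.doFinal(msg);
    }

    // Receiver side: Msg is authentic <=> MAC(Msg, Key) equals the received Digest.
    // MessageDigest.isEqual compares in constant time, so the check does not
    // leak how many leading bytes of a forged Digest were correct.
    static boolean verify(byte[] key, byte[] msg, byte[] receivedDigest)
            throws GeneralSecurityException {
        return MessageDigest.isEqual(tag(key, msg), receivedDigest);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] key = new byte[32];
        new SecureRandom().nextBytes(key);   // shared secret, generated for the demo
        byte[] wrongKey = new byte[32];      // all zeros: a party without the secret

        // Constructed sample messages.
        byte[] msg = "transfer 100 to account 42".getBytes(StandardCharsets.UTF_8);
        byte[] altered = "transfer 900 to account 42".getBytes(StandardCharsets.UTF_8);

        byte[] digest = tag(key, msg);       // sender transmits msg + digest

        System.out.println("unaltered msg accepted: " + verify(key, msg, digest));
        System.out.println("altered msg accepted:   " + verify(key, altered, digest));
        System.out.println("wrong key accepted:     " + verify(wrongKey, msg, digest));
    }
}
```

A captured (Msg, Digest) pair still verifies if it is sent again, so property 1.c needs a sequence number or timestamp included in the bytes that are MACed.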
