Vamsi Marimganti
Network Security
Discussion
Robert pizani
3.1 List three approaches to message authentication
Message authentication can be referred to as data origin authentication, which entails data integrity. Data integrity requires the fact that there isn't a tempering or alteration of the message. The most commonly used technique to ensuring data integrity is the application of hash function where there is a combination of all the bytes available in the message with the use of a secret key enhancing production of a message digest that is almost impossible to reverse. Message authentication entails a property that there is no modification of message during transit; hence the receiving party can be able to conduct verification of the message source although message authentication doesn't necessitate the inclusion of non-repudiation property. Several functions can be applied in the production of an authenticator which include, hash function, message encryption, and message authentication code (MAC) (National Institute of Standards and Technology, 2017).
The approaches are the application of conventional encryption, the use of public-key encryption, and the implementation of a secret value. Conventional encryption entails the transformation of plaintext messages into ciphertext form, which is to undergo decryption by the intended receiver only. Here the message sender and message receiver come to an agreement regarding a secrete key to be used for the encryption and decryption whereby the secrete key is transmitted generally through public-key methods of encryption. Public key encryption refers to a technique that applies a paired private and public algorithm in securing data communication. Secret values are applied during encryption and decryption (Cramer, 2008).
What is a message authentication code?
This refers to a short information piece that is applied for message authentication and integrity provision regarding message authenticity assurances. This is also referred to as an authentication technique that entails the application of secret keys in the generation of a small data block, which is consequently applied to the message (National Institute of Standards and Technology, 2017).
What properties must a hash function have to be useful for message authentication?
A hash function should comprise of various properties to be considered useful for message authentication. These properties include the fact that H application can be to a data block that is of any size, the H function should be able to bring out a fixed length of the projected output, the H(x) should be relatively easy in conducting computation for any established x that comprises both the software and hardware. The application of hash functions should entail implementations practical with an outline h value whereby there is a computational infeasibility in establishing x in that H(x) = h (one-way property). For any established block x, there is a computational infeasibility in developing y≠ x whereby H(y) is equivalent to H(x), which represents a weak resistant collision. There is a computational infeasibility in establishing any (x, y) pair in that H(x) is equivalent H(y) representing a robust, resistant collision (Cramer, 2008).
In the context of a hash function, what is a compression function?
The compression function based on hash function refers to a single block function for bits available in a hash function (Aumasson et al., 2014).
What are the principal ingredients of a public-key cryptosystem?
The primary public-key cryptosystem ingredients include plaintext, which entails information that I unencrypted whose input is on the hold into cryptographic algorithms, which usually is encryption algorithms. Secondly, the encryption algorithm, which is a smart way of ensuring the privacy and security of data. The sender applies Public-keys during encryption while the sender employs private keys during decryption. Ciphertext comprises information that is encrypted and encoded, and lastly, the decryption algorithm which is applied in data specification and critical encryption algorithms used in decryption of the SOAP message (Aumasson et al., 2014).
List and briefly define three uses of a public-key cryptosystem.
Various uses exist for public-key cryptosystems that include encryption and decryption whereby there is message encryption by the sender basing on the public-key of the recipient. Secondly, digital signature whereby there essential signing of the message by the sender by the application of their private-key. Lastly, key exchange, whereby the two are in collaboration for the exchanging of a session key through, for instance, exchanging private-key for both or one party (National Institute of Standards and Technology, 2017).
What is the difference between a private key and a secret key?
Various distinctions exist between private and secret keys. The secret key is entirely applied in conventional encryption while they're two keys that are utilized for encryption of public key, which is referred to as a public and private key. Private-key is used in asymmetric encryption, while the secrete key is applied in symmetric encryption (Aumasson et al., 2014).
What is a digital signature?
This refers to a mechanism technique whereby there is authentication of the message, which ensures that the message originated from the source that it claims to have originated from. This ensures that the original information content of the intended message isn't changed or altered (Cramer, 2008).
References
Aumasson, J., Meier, W., Phan, R. C., & Henzen, L. (2014). The hash function BLAKE. Springer.
Cramer, R. (2008). Public key cryptography – PKC 2008: 11th international workshop on practice and theory in public-key cryptography, Barcelona, Spain, March 9-12, 2008, proceedings. Springer Science & Business Media.
National Institute of Standards and Technology. (2017). The keyed-hash message authentication code (HMAC).