MESSAGE AUTHENTICATION CODE in cryp.pptx
soundariya20
8 views
19 slides
Oct 25, 2025
Slide 1 of 19
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
About This Presentation
Game Theory
Two-player zero-sum games
Optimal Decisions in Games
Heuristic Alpha
Beta Tree Search
Monte Carlo Tree Search
Stochastic Games
Partially Observable Games
Limitations of Game Search Algorithms
Constraint Satisfaction Problems- Defining Constraint Satisfaction Problems Constraint Pr...
Slide Content
MESSAGE AUTHENTICATION CODES
Message Authentication Requirement Verify that received message came from alleged source and was not altered. Verify Sequencing and timeliness. Digital Signature and Authentication technique includes measures for source non-repudiations.
Message Authentication Functions Message authentication or digital signature mechanism has two levels of functionality. Lower level functionality produces authenticator: a value to authenticate message. Higher level functionality – verify message authenticity. Authenticator – classes: Hash Function Message encryption Message Authentication Code(MAC) – function of message & secret key – outputs fixed length value.
Message Encryption: Symmetric and Public-Key Encryption
Frame Check Sequence(FCS): Error-detecting Codes
TCP Segment
Message Authentication Code(MAC) This authentication technique involves the use of a secret key to generate a small fixed-size block of data, known as a cryptographic checksum or MAC, that is appended to message. MAC as a function of message and key: MAC = C(K,M) Where M – input message C – MAC function K – shared secret key
Basic Uses of Message Authentication Code(MAC)
Security of MACs 1.Brute-Force Attack : On MAC its more difficult than a brute force attack on a hash function because it require known message-tag pairs . Computation resistance: Given one or more text-MAC pairs[xi, MAC(K, xi)], it is computationally infeasible to compute any text-MAC pair[x, MAC(K, x)] for any new input x ≠ xi. 2.Cryptanalysis : Ideal MAC algorithm require a cryptanalytic effort greater than or equal to brute force effort.
MACs Based on Hash Functions:HMAC HMAC Design Objectives: To use, without modifications, available hash functions. In particular, to use hash functions that perform well in software and for which code is freely and widely available. To allow for easy replaceability of the embedded hash function in case faster or more secure hash functions are found or required. To preserve the orginial performance of hash function without incurring a significant degradation. To use and handle keys in a simple way . To have a well understood cryptograhic analysis of the strength of the authentication mechanism based on reasonable assumptions about the embedded hash function.
HMAC Algorithm Overall operation of HMAC define following terms: H = embedded hash function(e.g., MD5, SHA-1) IV = initial value input to hash function M = message input of HMAC(including the padding specified in the embedded hash function) Y i = ith block of M, 0 ≤ i ≤ (L – 1) L = number of blocks in M b = number of bits in a block n = length of hash code produced by embedded hash function K = secret key; recommended length is ≥ n; if key length is greater than b, the key is input to the hash function to produce an n-bit key K + = K padded with zeros on the left so that result is b bits in length
ipad = 00110110 (36 in hexadecimal) repeated b/8 times opad = 01011100 (5C in hexadecimal) repeated b/8 times Then HMAC can be expressed as HMAC(K,M) = H[(K + xor opad) ║H[K + xor ipad) ║M]]
HMAC Structure
Algorithm description of HMAC as follows: Append zeros to the left end of K to create a b-bit string K + . XOR K + with ipad to produce the b-bit block S i . Append M to S i . Apply H to the stream generated in step3. XOR K + with opad to produce the b-bit block S . Append the hash result from step 4 to S . Apply H to the stream generated in step 6 and output the result.
MACs Based on Block Ciphers: DAA & CMAC Data Authentication Algorithm (DAA): The Algorithm defined as using cipher block chaining(CBC) mode of operation of DES with encryption algorithm E, secret key K, data blocks D 1 , D 2 , …, D N . Data Authentication Code(DAC) calculated as follows, O 1 = E(K,D 1 ) O 2 = E(K, [D 2 xor O 1 ]) O 3 = E(K, [D 3 xor O 2 ]). . . . O N = E(K, [D N xor O N-1 ])
Cipher-Based Message Authentication Code(CMAC) CMAC mode of operation uses AES and triple DES. Message is divided into n blocks(M1, M2, …,Mn), k-bit encryption key K and b-bit constant, K1. CMAC is calculated as follows: C 1 = E(K,M 1 ) C 2 = E(K, [M 2 xor C 1 ]) C 3 = E(K, [M 3 xor C 2 ]). . . . C n = E(K, [M n xor C n-1 xor K 1 ]) T = MSB Tlen (C n )
CMAC Where T = message authentication code, referred as tag Tlen = bit length of T MSBs(X) = s leftmost bits of bit string X If message not an integer multiple of cipher block length, then final block is padded to the right(least significant bits) with a 1 and as many 0s as necessary so that final block is of length b. The CMAC operation proceeds as before, except that a different b-bit keyK 2 is used instead of K 1 .
CMAC
Tags
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 8
- Slides 19
- Age 36 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
44 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
44 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
21
Know for Certain
DaveSinNM
19 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
23 views