Content Integrity
Content integrity comes as a
bonus with cryptography. No one can change encrypted data in a meaningful way
without breaking the encryption. This does not say, however, that encrypted
data cannot be modified. Changing even one bit of an encrypted data stream
affects the result after decryption, often in a way that seriously alters the
resulting plaintext. We need to consider three potential threats:
·
malicious modification that changes content in a meaningful way
·
malicious or nonmalicious modification that changes content in a
way that is not necessarily meaningful
·
nonmalicious modification that changes content in a way that will
not be detected
Encryption addresses the
first of these threats very effectively. To address the others, we can use
other controls.
Error Correcting Codes
We can use error detection and error correction codes to guard against
modification in a transmission. The codes work as their names imply: Error
detection codes detect when an error has occurred, and error correction codes
can actually correct errors without requiring retransmission of the original
message. The error code is transmitted along with the original data, so the
recipient can recompute the error code and check whether the received result
matches the expected value.
The simplest error detection
code is a parity check. An extra bit
is added to an existing group of data bits depending on their sum or an
exclusive OR. The two kinds of parity are called even and odd. With even parity the extra bit is 0 if the
sum of the data bits is even and 1 if the sum is odd; that is, the parity bit
is set so that the sum of all data bits plus the parity bit is even. Odd parity is the same except the sum
is odd. For example, the data stream 01101101 would have an even parity bit of
1 (and an odd parity bit of 0) because 0+1+1+0+1+1+0+1 = 5 + 1 = 6 (or 5 + 0 =
5 for odd parity). A parity bit can reveal the modification of a single bit.
However, parity does not detect two -bit errorscases in which two bits in a
group are changed. That is, the use of a parity bit relies on the assumption
that single-bit errors will occur infrequently, so it is very unlikely that two
bits would be changed. Parity signals only that a bit has been changed; it does
not identify which bit has been changed.
There are other kinds of
error detection codes, such as hash
codes and Huffman codes. Some of
the more complex codes can detect multiple-bit errors (two or more bits changed
in a data group) and may be able to pinpoint which bits have been changed.
Parity and simple error
detection and correction codes are used to detect nonmalicious changes in
situations in which there may be faulty transmission equipment, communications
noise and interference, or other sources of spurious changes to data.
Cryptographic Checksum
Malicious modification must be handled in a way
that prevents the attacker from modifying the error detection mechanism as well
as the data bits themselves. One way to do this is to use a technique that
shrinks and transforms the data, according to the value of the data bits.
To see how such an approach might work,
consider an error detection code as a many-to-one transformation. That is, any
error detection code reduces a block of data to a smaller digest whose value
depends on each bit in the block. The proportion of reduction (that is, the ratio
of original size of the block to transformed size) relates to the code's
effectiveness in detecting errors. If a code reduces an 8-bit data block
to a 1-bit result, then half of the 28
input values map to 0 and half to 1, assuming a uniform distribution of
outputs. In other words, there are
28/2 = 27 = 128 different
bit patterns that all produce the same 1-bit result. The fewer inputs that map
to a particular output, the fewer ways the attacker can change an input value
without affecting its output. Thus, a 1-bit result is too weak for many
applications. If the output is
three bits instead of one, then each output
result comes from 28/23 or 25 = 32 inputs. The
smaller number of inputs to a given output is important for blocking malicious
modification.
A cryptographic checksum (sometimes called a message digest) is a cryptographic function that produces a
checksum. The cryptography prevents the attacker from changing the data block
(the plaintext) and also changing the checksum value (the ciphertext) to match.
Two major uses of cryptographic checksums are code tamper protection and
message integrity protection in transit. For code protection, a system
administrator computes the checksum of each program file on a system and then
later computes new checksums and compares the values. Because executable code
usually does not change, the administrator can detect unanticipated changes
from, for example, malicious code attacks. Similarly, a checksum on data in
communication identifies data that have been changed in transmission,
maliciously or accidentally.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2023 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.