Message Authentication Codes

Chapter 12

MESSAGE AUTHENTICATION CODES

o   Message Authentication  Requirements

o   Message Authentication Functions

·        Message Encryption

·        Message Authentication Code

o   Requirements for Message Authentication  Codes

o   Security of MACs

·        Brute-Force Attacks Cryptanalysis

o   MACs Based on Hash Functions:   HMAC

·        HMAC Design Objectives HMAC Algorithm Security of HMAC

o   MACs Based on Block Ciphers: DAA and CMAC

·        Data Authentication Algorithm

·        Cipher-Based Message Authentication Code (CMAC)

o   Authenticated Encryption: CCM and GCM

·        Counter with Cipher Block Chaining-Message Authentication Code Galois/Counter Mode

o   Pseudorandom Number Generation Using Hash Functions and  Macs

·        PRNG Based on Hash function PRNG Based on MAC function

KEY POINTS

◆     Message authentication is a mechanism or service used to verify the integrity of a message. Message authentication assures that data received are exactly as sent by (i.e., contain no modification, insertion, deletion, or replay) and that the purported identity of the sender is valid.

◆     Symmetric encryption provides authentication among those who share the secret key.

◆     A message authentication code (MAC) is an algorithm that requires the use of a secret key. A MAC takes a variable-length message and a secret key as input and produces an authentication code. A recipient in posses- sion of the secret key can generate an authentication code to verify the integrity of the message.

◆     One means of forming a MAC is to combine a cryptographic hash function in some fashion with a secret key.

◆     Another approach to constructing a MAC is to use a symmetric block cipher in such a way that it produces a fixed-length output for a variable- length input.

One of the most fascinating and complex areas of cryptography is that of message authentication and the related area of digital signatures. It would be impossible, in anything less than book length, to exhaust all the cryptographic functions and pro- tocols that have been proposed or implemented for message authentication and dig- ital signatures. Instead, the purpose of this chapter and the next is to provide a broad overview of the subject and to develop a systematic means of describing the various approaches.

This chapter begins with an introduction to the requirements for authentica- tion and digital signature and the types of attacks to be countered. Then the basic approaches are surveyed. The remainder of the chapter deals with the fundamental approach to message authentication known as the message authentication code (MAC). Following an overview of this topic, the chapter looks at security considera- tions for MACs. This is followed by a discussion of specific MACs in two categories: those built from cryptographic hash functions and those built using a block cipher mode of operation. Next, we look at a relatively recent approach known as authen- ticated encryption. Finally, we look at the use of cryptographic hash functions and MACs for pseudorandom number generation.