***Welcome to ashrafedu.blogspot.com * * * This website is maintained by ASHRAF***

Posts

    Latest Updates

    Sunday, April 24, 2022

    Message Authentication

    Message authentication ensures that the message has been sent by a genuine identity and not by an imposter.

    • The service used to provide message authentication is a Message Authentication Code (MAC).

    • A MAC uses a keyed hash function that includes the symmetric key between the sender and receiver when creating the digest.


    This system makes use of a symmetric key shared by A and B.

    ·         A, using this symmetric key and a keyed hash function, generates a MAC.

    ·         A then sends this MAC along with the original message to B.

    ·         B receives the message and the MAC and separates the message from the MAC.

    ·         B then applies the same keyed hash function to the message using the same symmetric key to get a fresh MAC.

    ·         B then compares the MAC sent by A with the newly generated MAC.

    ·         If the two MACs are identical, it shows that the message has not been modified and the sender of the message is definitely A.

    Limitations of MAC

    There are two major limitations of MAC, both due to its symmetric nature of operation −

    • Establishment of Shared Secret.
      • It can provide message authentication among pre-decided legitimate users who have shared key.
      • This requires establishment of shared secret prior to use of MAC.
    • Inability to Provide Non-Repudiation
      • Non-repudiation is the assurance that a message originator cannot deny any previously sent messages and commitments or actions.
      • MAC technique does not provide a non-repudiation service. If the sender and receiver get involved in a dispute over message origination, MACs cannot provide a proof that a message was indeed sent by the sender.
      • Though no third party can compute the MAC, still sender could deny having sent the message and claim that the receiver forged it, as it is impossible to determine which of the two parties computed the MAC.

    Both these limitations can be overcome by using the public key based digital signatures.


    No comments:

    Post a Comment

    Network session analysis

    Network session analysis Network session analysis is a method of monitoring network activity and availability to identify issues, such as ...