Cryptography Reference
In-Depth Information
7.3 Encryption Functions
Minds are like parachutes. They only function when they are open.
James Dewar (1842-1923), Scottish physicist
We have seen the first two types of functions that may be employed to
produce a message authenticator in Sections 7.1 and 7.2. Now we turn to
the last of these to close the chapter. Since we have SKCs and PKCs, we
have different methods for using message encryption for authentication. With
an SKC, E, a secret key, k, is sufficient to provide confidentiality and (a
degree of) authentication (provided the secret key is kept secure). It should
be noted, however, that although Mallory may not know k, he may still alter
message content. Yet, not knowing k, he does not know how to alter bits in
the ciphertext to produce desired changes in the plaintext. Thus, although the
cryptographic community is aware that the mere fact of encryption does not
guarantee message integrity, the maintenance of a secure secret key can ensure
that tampering is detected. A mechanism for ensuring both confidentiality and
integrity along with the encryption process is to use an MDC (see page 260) in
a fashion that is essentially equivalent to the use of a MAC depicted in Diagram
7.4 on page 261.
Diagram 7.7 SKC Encryption: Confidentiality & Some Authentication
Alice: m → E (key k) → E_k(m) → Bob: D = E^{-1} (key k) → m
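The MDC mechanism described above, as an added example (not code from the book): Alice sends E_k(m || h(m)), and Bob recomputes h(m) after decrypting to detect a ciphertext that Mallory altered without knowing k. The arrangement E_k(m || h(m)), SHA-256 as the MDC, the helper names, and the toy Feistel cipher standing in for E are assumptions made for this illustration.

```python
import hashlib
import hmac

# Constructed toy cipher (an assumption for this example, not a real SKC):
# a 4-round Feistel network over the whole message, keyed via SHAKE-256.
def _f(k, rnd, half, n):
    return hashlib.shake_256(k + bytes([rnd]) + half).digest(n)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _feistel(k, data, rounds):
    h = len(data) // 2
    left, right = data[:h], data[h:]
    for r in rounds:
        if r % 2 == 0:   # even round: mask the left half with f(right)
            left = _xor(left, _f(k, r, right, len(left)))
        else:            # odd round: mask the right half with f(left)
            right = _xor(right, _f(k, r, left, len(right)))
    return left + right

def E(k, m):
    return _feistel(k, m, range(4))

def D(k, c):
    return _feistel(k, c, reversed(range(4)))  # D = E^-1: same rounds, reversed

def protect(k, m):
    """Alice: append the MDC h(m), then encrypt: E_k(m || h(m))."""
    return E(k, m + hashlib.sha256(m).digest())

def recover(k, c):
    """Bob: decrypt, recompute h(m); return m, or None if the check fails."""
    p = D(k, c)
    m, mdc = p[:-32], p[-32:]
    ok = hmac.compare_digest(hashlib.sha256(m).digest(), mdc)
    return m if ok else None

def flip_bit(c, i=0):
    """Model an alteration of one ciphertext bit made without knowing k."""
    return c[:i] + bytes([c[i] ^ 1]) + c[i + 1:]
```

With bare encryption, D(k, flip_bit(E(k, m))) still returns bytes of the right length, so Bob gets no signal that anything changed; with the MDC, recover returns None for the altered ciphertext.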
With PKC, straight encryption provides confidentiality, but may not provide
authentication as we saw on page 180, since Mallory can mount an impersonation
attack. In order to provide authentication with a PKC, Alice must use
her private key, d_A, to encipher a message to Bob, who uses Alice's public key,
e_A, to decrypt. Hence, in this fashion, Alice is essentially providing a “digital
signature”, although as we saw in Section 4.3, this is not exactly how formal
digital signatures are formed. Yet, by using her private key, to which only she
has access, she is virtually signing the message.
Diagram 7.8 PKC Encryption: Authentication and Signature
Alice: m → E (key d_A) → E_{d_A}(m) → Bob: D (key e_A) → D_{e_A}(E_{d_A}(m)) = m