Cryptography Reference
In-Depth Information
he can discard the illegitimate message without having to decipher it, a time-
saver, especially if a lot of fake messages are in the tra:c. Hence, this option
is more e:cient. If Alice authenticates first, say, with a MAC for instance,
then when Alice sends Bob a message, Mallory only gets to see the ciphertext
and enciphered MAC. Therefore, Mallory will find it more di:cult to launch an
attack than if Alice enciphered first since the plaintext and original MAC value
are disguised.
So which do we perform first? The question boils down to whether we should
fear an active or a passive attack. If we encipher first, Mallory will attack the
authentication function first and be able to launch an active attack if successful,
where data can be modified. If we authenticate first, Mallory gets to attack the
encryption function first and read data, a passive attack. More damage is done
in the former than in the latter. Of course, Mallory may well be unsuccessful if
a truly strong scheme is used. Hence, as it often does, the issue comes down to
sacrificing security for e:ciency or sacrificing e:ciency for security.
7.4
We conclude this section with a summary of the key elements of our study
of authentication functions.
Summary of Encryption, MACs, and Hash Functions
1.
MACs and Hash Functions
:
a
is a shared secret authentication key,
E
is an SKC,
k
is a shared secret key, and
h
is a hash function.
(i)
(
m
,
h
a
(
m
))
−−−−−−−−−→
Alice
Bob
provides authentication
(ii)
Alice
E
k
(
m
,
h
a
(
m
))
−−−−−−−−−−−→
Bob
provides authentication and confidentiality
2.
Encryption functions
:
d
A
is Alice's public PKC key and
e
B
is Bob's
public PKC key.
(i)
E
k
(
m
)
−−−−−→
Bob
provides confidentiality and some authentication
Alice
(ii)
E
d
A
(
m
)
−−−−−−→
Alice
Bob
provides authentication and signature
(iii)
E
e
B
(
E
d
A
)(
m
)
−−−−−−−−−−−→
Bob
provides authentication and signature via
d
A
, and confidentiality via
e
B
Alice
7.4
However, either method is insecure if improperly implemented (see [142], for instance).
Search WWH ::
Custom Search