Cryptography Reference
SSL requires that every record first be HMAC'ed before being encrypted. This
may seem like overkill — after all, HMAC guarantees the integrity of a record.
But because you're using symmetric cryptography, the odds are infinitesimally
small that an attacker could modify a record in such a way that it decrypts
meaningfully, at least without access to the session key. Consider a secure application
that transmits the message, “Withdraw troops from Bunker Hill and move them
to Normandy beach.” If you run this through the AES algorithm with the key
“passwordsecurity” and the initialization vector “initializationvc,” you get:
0xc99a87a32c57b80de43c26f762556a76bfb3040f7fc38e112d3ffddf4a5cb703
989da2a11d253b6ec32e5c45411715006ffa68b20dbc38ba6fa03fce44fd581b
So far, so good. An attacker can't modify the message and move the troops — say,
to Fort Knox — without the key. If he tries to change even one bit of the message,
it decrypts to gibberish and is presumably rejected.
He can, however, cut half of it off. The attacker could modify the encrypted
message to be
0xc99a87a32c57b80de43c26f762556a76bfb3040f7fc38e112d3ffddf4a5cb703
This message is received and decrypted correctly to “Withdraw troops from
Bunker Hill.” The recipient has no way to detect the modification. For this
reason, some hash function must be used to verify the integrity of the message
after it's been decrypted. SSL mandates that every record be protected this way
with an HMAC function. You examine this in more detail when the details of
the SSL protocol are discussed.
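The truncation described above, and the check that catches it, as an added example that is not from the original text: Node.js with its built-in crypto module, using the key and IV quoted above. The trailing period is dropped so the message fills four 16-byte blocks, and the MAC key, the choice of HMAC-SHA256 and all function names are assumptions; a real SSL record MAC also covers a sequence number and the record header.

```javascript
// Added example: CBC truncation and its detection by a MAC computed before encryption.
const nodeCrypto = require("node:crypto");

const KEY = Buffer.from("passwordsecurity");  // key quoted in the text
const IV = Buffer.from("initializationvc");   // IV quoted in the text
const MAC_KEY = Buffer.from("constructed-demo-mac-secret"); // assumption
const MAC_LEN = 32;                           // HMAC-SHA256 tag size
const MSG = "Withdraw troops from Bunker Hill and move them to Normandy beach";

// Raw AES-128-CBC with padding off: data must be a multiple of 16 bytes.
function cbc(encrypt, data) {
  const make = encrypt ? nodeCrypto.createCipheriv : nodeCrypto.createDecipheriv;
  const c = make("aes-128-cbc", KEY, IV);
  c.setAutoPadding(false);
  return Buffer.concat([c.update(data), c.final()]);
}

function hmac(data) {
  return nodeCrypto.createHmac("sha256", MAC_KEY).update(data).digest();
}

// Sender: MAC the plaintext, append the tag, then encrypt both together.
function seal(message) {
  const body = Buffer.from(message);
  return cbc(true, Buffer.concat([body, hmac(body)]));
}

// Receiver: decrypt, split off the tag, recompute it and compare.
function unseal(record) {
  if (record.length % 16 !== 0 || record.length < MAC_LEN) return null;
  const plain = cbc(false, record);
  const body = plain.subarray(0, plain.length - MAC_LEN);
  const tag = plain.subarray(plain.length - MAC_LEN);
  return nodeCrypto.timingSafeEqual(tag, hmac(body)) ? body.toString() : null;
}

// The modification from the text: keep only the first `blocks` blocks.
function truncate(ciphertext, blocks) {
  return ciphertext.subarray(0, blocks * 16);
}

function demo() {
  const bare = cbc(true, Buffer.from(MSG));
  return {
    bareCut: cbc(false, truncate(bare, 2)).toString(), // decrypts cleanly
    sealedOk: unseal(seal(MSG)),                       // intact record accepted
    sealedCut2: unseal(truncate(seal(MSG), 2)),        // rejected (null)
    sealedCut4: unseal(truncate(seal(MSG), 4)),        // rejected (null)
  };
}
console.log(demo());
```

Without the tag the two-block prefix decrypts to a complete, plausible sentence; with it, any cut leaves the receiver comparing the wrong bytes against the recomputed HMAC, so the record is dropped.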
Also, SSL uses the HMAC function quite a bit as a pseudo-random number
generator. Because the output is not predictably related to the input, the HMAC
function is actually used to generate the keying material from a shared secret.
In fact, the HMAC function is used to generate the final HMAC secret!
Understanding Digital Signature Algorithm (DSA) Signatures
Now it's time to return to the primary topic of this chapter — digital signatures.
Recall from the beginning of this chapter that, in order to properly support digital
signatures, you must first compute a secure hash of the document/message that
you want to sign, and then perform a public-key operation on that secure hash
using a private key. By now, you should have a very good understanding of
secure hash algorithms, but not the actual mechanics of what to do with those
secure hashes because this hasn't yet been covered.
RSA support for digital signatures is straightforward — compute a secure hash
over the bytes to be signed and “encrypt” it using a private key. The recipient
then verifies the same signature by computing the secure hash of the same set