fbpx
Wikipedia

Message authentication

April 13, 2024

In information security, message authentication or data origin authentication is a property that a message has not been modified while in transit (data integrity) and that the receiving party can verify the source of the message.[1]

Description edit

Message authentication or data origin authentication is an information security property that indicates that a message has not been modified while in transit (data integrity) and that the receiving party can verify the source of the message.[1] Message authentication does not necessarily include the property of non-repudiation.[2][3]

Techniques edit

Message authentication is typically achieved by using message authentication codes (MACs), authenticated encryption (AE), or digital signatures.[2] The message authentication code, also known as digital authenticator, is used as an integrity check based on a secret key shared by two parties to authenticate information transmitted between them.[4] It is based on using a cryptographic hash or symmetric encryption algorithm.[5] The authentication key is only shared by exactly two parties (e.g. communicating devices), and the authentication will fail in the existence of a third party possessing the key since the algorithm will no longer be able to detect forgeries (i.e. to be able to validate the unique source of the message).[6] In addition, the key must also be randomly generated to avoid its recovery through brute-force searches and related-key attacks designed to identify it from the messages transiting the medium.[6]

Some cryptographers distinguish between "message authentication without secrecy" systems – which allow the intended receiver to verify the source of the message, but they don't bother hiding the plaintext contents of the message – from authenticated encryption systems.[7] Some cryptographers have researched subliminal channel systems that send messages that appear to use a "message authentication without secrecy" system, but in fact also transmit a secret message.

Related concepts edit

Data origin authentication and non-repudiation have been also studied in the framework of quantum cryptography.[8][9]

See also edit

References edit

  1. ^ a b Mihir Bellare. (PDF). CSE 207: Modern Cryptography. Lecture notes for cryptography course. Archived from the original (PDF) on 2018-10-09. Retrieved 2015-05-11.
  2. ^ a b Alfred J. Menezes; Paul C. van Oorschot; Scott A. Vanstone. "Chapter 9 - Hash Functions and Data Integrity" (PDF). Handbook of Applied Cryptography. p. 361. from the original on 2021-02-03. Retrieved 2015-05-11.
  3. ^ "Data Origin Authentication". Web Service Security. Microsoft Developer Network. 14 July 2010. from the original on 19 May 2017. Retrieved 11 May 2015.
  4. ^ Patel, Dhiren (2008). Information Security: Theory and Practice. New Delhi: Prentice Hall India Private Lt. p. 124. ISBN 978-81-203-3351-2.
  5. ^ Jacobs, Stuart (2011). Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance. Hoboken, NJ: John Wiley & sons. p. 108. ISBN 978-0-470-56512-4.
  6. ^ a b Walker, Jesse (2013). "Chapter 13 – Internet Security". In Vacca, John R. (ed.). Computer and Information Security Handbook (3rd ed.). Morgan Kaufmann Publishers. pp. 256–257. doi:10.1016/B978-0-12-803843-7.00013-2. ISBN 978-0-12-803843-7.
  7. ^ Longo, G.; Marchi, M.; Sgarro, A. (4 May 2014). Geometries, Codes and Cryptography. Springer. p. 188. ISBN 978-3-7091-2838-1. from the original on 9 January 2024. Retrieved 8 July 2015.
  8. ^ Pirandola, S.; Andersen, U. L.; Banchi, L.; Berta, M.; Bunandar, D.; Colbeck, R.; Englund, D.; Gehring, T.; Lupo, C.; Ottaviani, C.; Pereira, J. (2020). "Advances in Quantum Cryptography". Advances in Optics and Photonics. 12 (4): 1012–1236. arXiv:1906.01645. Bibcode:2020AdOP...12.1012P. doi:10.1364/AOP.361502. S2CID 174799187.
  9. ^ Nikolopoulos, Georgios M.; Fischlin, Marc (2020). "Information-Theoretically Secure Data Origin Authentication with Quantum and Classical Resources". Cryptography. 4 (4): 31. arXiv:2011.06849. doi:10.3390/cryptography4040031. S2CID 226956062.


 

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

April 13, 2024
message, authentication, information, security, message, authentication, data, origin, authentication, property, that, message, been, modified, while, transit, data, integrity, that, receiving, party, verify, source, message, contents, description, techniques,. In information security message authentication or data origin authentication is a property that a message has not been modified while in transit data integrity and that the receiving party can verify the source of the message 1 Contents 1 Description 2 Techniques 3 Related concepts 4 See also 5 ReferencesDescription editMessage authentication or data origin authentication is an information security property that indicates that a message has not been modified while in transit data integrity and that the receiving party can verify the source of the message 1 Message authentication does not necessarily include the property of non repudiation 2 3 Techniques editMessage authentication is typically achieved by using message authentication codes MACs authenticated encryption AE or digital signatures 2 The message authentication code also known as digital authenticator is used as an integrity check based on a secret key shared by two parties to authenticate information transmitted between them 4 It is based on using a cryptographic hash or symmetric encryption algorithm 5 The authentication key is only shared by exactly two parties e g communicating devices and the authentication will fail in the existence of a third party possessing the key since the algorithm will no longer be able to detect forgeries i e to be able to validate the unique source of the message 6 In addition the key must also be randomly generated to avoid its recovery through brute force searches and related key attacks designed to identify it from the messages transiting the medium 6 Some cryptographers distinguish between message authentication without secrecy systems which allow the intended receiver to verify the source of the message but they don t bother hiding the plaintext contents of the message from authenticated encryption systems 7 Some cryptographers have researched subliminal channel systems that send messages that appear to use a message authentication without secrecy system but in fact also transmit a secret message Related concepts editData origin authentication and non repudiation have been also studied in the framework of quantum cryptography 8 9 See also editData integrity Authentication Deniable authenticationReferences edit a b Mihir Bellare Chapter 7 Message Authentication PDF CSE 207 Modern Cryptography Lecture notes for cryptography course Archived from the original PDF on 2018 10 09 Retrieved 2015 05 11 a b Alfred J Menezes Paul C van Oorschot Scott A Vanstone Chapter 9 Hash Functions and Data Integrity PDF Handbook of Applied Cryptography p 361 Archived from the original on 2021 02 03 Retrieved 2015 05 11 Data Origin Authentication Web Service Security Microsoft Developer Network 14 July 2010 Archived from the original on 19 May 2017 Retrieved 11 May 2015 Patel Dhiren 2008 Information Security Theory and Practice New Delhi Prentice Hall India Private Lt p 124 ISBN 978 81 203 3351 2 Jacobs Stuart 2011 Engineering Information Security The Application of Systems Engineering Concepts to Achieve Information Assurance Hoboken NJ John Wiley amp sons p 108 ISBN 978 0 470 56512 4 a b Walker Jesse 2013 Chapter 13 Internet Security In Vacca John R ed Computer and Information Security Handbook 3rd ed Morgan Kaufmann Publishers pp 256 257 doi 10 1016 B978 0 12 803843 7 00013 2 ISBN 978 0 12 803843 7 Longo G Marchi M Sgarro A 4 May 2014 Geometries Codes and Cryptography Springer p 188 ISBN 978 3 7091 2838 1 Archived from the original on 9 January 2024 Retrieved 8 July 2015 Pirandola S Andersen U L Banchi L Berta M Bunandar D Colbeck R Englund D Gehring T Lupo C Ottaviani C Pereira J 2020 Advances in Quantum Cryptography Advances in Optics and Photonics 12 4 1012 1236 arXiv 1906 01645 Bibcode 2020AdOP 12 1012P doi 10 1364 AOP 361502 S2CID 174799187 Nikolopoulos Georgios M Fischlin Marc 2020 Information Theoretically Secure Data Origin Authentication with Quantum and Classical Resources Cryptography 4 4 31 arXiv 2011 06849 doi 10 3390 cryptography4040031 S2CID 226956062 nbsp This cryptography related article is a stub You can help Wikipedia by expanding it vte Retrieved from https en wikipedia org w index php title Message authentication amp oldid 1194597739, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.