Message authentication code

Message authentication code can realize “authentication” and “tamper detection”. The contents of secret messages may be tampered with during transmission, which may lead to changes in the decrypted contents, resulting in misunderstandings. Message authentication codes are a mechanism to prevent this from happening.

Message tampering diagram

normal

Suppose, A buys goods from B and tells B the product number ABC.

  • Here, A encrypts the message using the shared key encryption. A sends the key to B in A secure way.
  • A encrypts the message using the shared key.
  • User A sends the ciphertext to user B. After receiving it, user B decrypts the ciphertext and finally obtains the original product number ABC.

Message monitored

This is what happens when there are no problems, and the following might happen during this process.

  • Assume that the ciphertext sent by USER A to USER B is maliciously tampered by X during communication, and user B does not realize the problem after receiving the ciphertext.
  • B decrypts the tampered ciphertext to obtain message XYZ.
  • B sends the wrong item to A, thinking that A ordered the item labeled XYZ.

Resolving listening issues

If you use a message authentication code, you can detect that the message has been tampered with. Then we go back to when A is about to send the ciphertext to B.

  • A generates A key to make A message authentication code and sends the key to B using A secure method.
  • Next, A uses the ciphertext and key to generate A value, in this case 7f05. By theThe value generated by the key and ciphertext is the message authentication code, hereinafter referred to as MAC.
  • User A sends the MAC address (7F05) and ciphertext to user B.
  • Like A, B needs to use ciphertext and keys to generate A MAC. After comparison, B can confirm that the 7F05 calculated by himself is consistent with the 7F05 sent by A.
  • Then, B only needs to use the key to decrypt the ciphertext, and finally B successfully obtains the commodity number ABC sent by A.

Verify the message authentication code

Next, we verify that after using the message message authentication code, X listens for the data. At this point, we return to the time when A is about to send the ciphertext to B.

  • Assume that when USER A sends the ciphertext and MAC address to user B, X modifies the ciphertext.
  • B uses the ciphertext to calculate the MAC address. The obtained value is B85C, which is inconsistent with the received MAC address.
  • From this, B realizes that either the ciphertext or the MAC, or both, may have been tampered with. Then, USER B discards the ciphertext and MAC address received, and user A requests to send the message again.

Encryption is only a numerical calculation and processing process, so even if the ciphertext is tampered with, the decryption related calculations can be performed.

Usage scenarios

If the original message is a long sentence, the meaning of the message will become strange if it is tampered with, so the recipient may notice that it has been tampered with.

However, if the original message is not directly understood by people, such as the commodity number, it will be difficult for the recipient to determine whether it has been tampered with after decryption. Since the password itself cannot tell people if a message has been tampered with, a message authentication code is used to detect it.

defects

When using the message authentication code, both parties can encrypt the message and calculate the MAC address. That is, we cannot prove whether the original message was generated by A or B.

Therefore, by adding that A is A bad person, he can deny his actions after he sends the message by claiming that “the message was fabricated by B”. If B is A bad person, he can also prepare A message and claim “This is A’s message to me”.

When a MAC is used, the generated party and the detected party have the same key. Therefore, it is not clear which party generates the MAC. This problem can be solved by the following “digital signature”.

A digital signature

Digital signature can not only realize authentication and tampering detection of message authentication code, but also prevent denial. Because the message authentication code is encrypted with a shared key, the recipient with the key may also be the sender of the message, which cannot prevent the denial behavior after the event. A digital signature can only be created by the sender, so you can use it to determine who is the sender of the message.

Characteristics of the graphic

  • Suppose A wants to send A message to B
  • A digitally signs the message before sending it. A digital signature can only be generated by A.
  • As long as the sent message has A’s digital signature, it can be determined that the message is sent by A.
  • B can verify the digital signature but cannot generate it.

Digital signature generation diagram

Digital signatures are generated usingPublic-key encryption.

  • First, A prepares the information to be sent, the private key and the public key. The two keys are prepared by the sender of the message, which differs from public-key encryption.
  • User A sends the public key to user B
  • A uses the private key to encrypt the message. The encrypted message is A digital signature.
  • A sends both the message and signature to B
  • B Decrypts the ciphertext (signature) using the public key.
  • B confirms the decrypted message to see if it is consistent with the received message. This is the end of the process.

defects

The encryption and decryption of public-key encryption are time-consuming. In order to save operation time, the message is not directly encrypted. Instead, the hash value of the message is obtained and then encrypted, and then used as a signature.After using the digital signature, B may believe that the sender of the message is A, but it is also possible that X is impersonating A. The fundamental reason is that the producer of the public key cannot be determined by using public key encryption, and there is no information about the producer on the received public key. Therefore, it is possible that the public key was created by someone pretending to be A.

The solution

Digital certificates can solve this problem. An article on digital certificates will be posted later, and you are welcome to keep an eye out for interested developers.

Write in the last

  • The pictures used in this article are from “my first algorithm book”, if infringement, please leave a message in the comment section, the author immediately delete the relevant pictures.
  • If there are any errors in this article, please correct them in the comments section. If this article helped you, please like it and follow 😊
  • This article was first published in nuggets. Reprint is prohibited without permission 💌