Authentication Requirement, Authentication Function

Question 2

What is the purpose of authentication in communication?

Answer 2

To verify the origin and authenticity of a document or message.

Question 3

What must authentication be able to verify?

Answer 3

• The message came from the apparent source or author.
• The contents have not been altered.
• Sometimes, the message was sent at a specific time or in a certain sequence.

Question 4

What type of attack does authentication protect against?

Answer 4

Active attacks such as falsification of data and transactions.

Question 5

What are the two levels of authentication functionality?

Answer 5

• Lower Level: Produces an authenticator (value used to authenticate a message).
• Higher Level: Uses the authenticator to verify message authenticity.

Question 6

What are the types of functions that may be used to produce an authenticator?

Answer 6

• Message encryption
• Message authentication code (MAC)
• Hash function

Question 7

How is message authentication achieved using encryption?

Answer 7

The ciphertext of the entire message serves as its authenticator.

Question 8

What is a MAC?

Answer 8

A function of the message and a secret key that produces a fixed-length value for authentication.

Question 9

How is a MAC used in communication?

Answer 9

• MAC = F(K, M) is calculated.
• MAC is appended to the message.
• Receiver recomputes MAC and compares it to the received MAC.

Question 10

What does successful MAC verification assure?

Answer 10

The message is from the claimed sender and has not been altered.

Question 11

How is DES used in MAC?

Answer 11

It encrypts the message, and the last 16 or 32 bits of ciphertext are used as the MAC.

Question 12

What is a one-way hash function?

Answer 12

A function that takes a variable-size message and returns a fixed-size message digest.

Question 13

Does a one-way hash function use a secret key?

Answer 13

No.

Question 14

How does using conventional encryption with a hash function ensure authenticity?

Answer 14

The message digest is encrypted using a shared secret key, ensuring only sender and receiver can verify authenticity.

Question 15

How does public-key encryption of a hash ensure authentication?

Answer 15

• Provides a digital signature.
• Removes the need to distribute secret keys between parties.

Question 16

How is a secret value used in hashing for authentication?

Answer 16

• A and B share a secret value SAB.
• Sender computes MDM = H(SAB || M) and sends [M || MDM].
• Receiver verifies by computing the same hash.