Flashcards in Most used MDC & MAC Deck (20):
What does MD5 stands for?
MD5 stands for message digest 5
What does SHA stands for?
SHA stands for Secure hash algorithm.
When MD5 must not be considered to be used?
MD5 must not be considered to be used if collision resistance is required.
How do MD5 and SHA-1 compare related to speed?
MD5 is 25% faster than SHA1
How do MD5 and SHA1 compare related to simplicity?
Both are simple in all aspects
How do MD5 and SHA1 compare regarding to security?
SHA1 offers better security agains brute force and birthday attacks
What are the commonly used modification detection codes (MDCs)?
MD5 and SHA1
Which are the commonly used message authentication codes (MACs)?
DES-CBC-MAC (Data encryption standard in cipher block chaining mode) and HMAC (Hashed message authentication code)
How does CBC-MAC (cipher block chaining message authentication code) work?
A CBC-MAC is computed by encrypting a message in CBC mode and taking the last ciphertext block or a part of it as the MAC. This MAC do not need to be signed any further as it has already been produced using a shared secret K.
What does CBC-MAC stands for?
cipher block chaining message authentication code
what does DES-CBC-MAC stands for?
Data encryption standard in cipher block chaining mode
What does HMAC stands for?
Hashed message authentication code
Can CBC-MAC be used to check non-repudiation?
No since it is not possible to say exactly who has created a MAC (sender and receiver have the key k).
With which kind of cipher can CBC-MAC be used?
This scheme works with any block cipher.
How is the security of CBC-MAC against birthday attacks?
Good as an attacker does not know k the birthday attack is much more dificult to launch (if not impossible) allowing shorter MACs.
How can CBC-MAC security be strengthened?
both parts should agree upon a second key k' different from k and performin a triple encryption on the LAST block: MAC = E(K;D(K';E(K;Cn-1))) doubling the key space while adding only little computing effort.
Why are symmetric blocks ciphers not used to create modification detection codes(MDCs)?
relatively small block size of 64 bits offers insufficient security against birthday attacks and they require more computing than cryptographic hash function so they are more slow.
Why construct message authentication codes (MACs) from modification detection codes (MDCs)?
Cryptographic hash function generally executes faster than symmetric block cphers and there are no export restrictions to cryptographic hash functions.
What is the basic idea of constructing message authentication codes (MACs) from modification detection codes (MDCs)?
To "mix" a secret key k with the input and compute an modification detection code (MDC).