SlideShare a Scribd company logo

MACs based on Hash Functions, MACs based on Block Ciphers

Download as PPTX, PDF
Maitree Patel, profile picture
Maitree Patel

This document discusses message authentication codes (MACs) based on hash functions and block ciphers. It describes Hash-based MACs (HMAC) which uses a cryptographic hash function combined with a secret key to authenticate messages. HMAC provides integrity and authentication using public/private keys. The document also covers MACs based on block ciphers, specifically the Data Authentication Algorithm (DAA) which is based on DES-CBC, and Cipher-based MAC (CMAC) which fixes security issues with CBC-MAC and can use existing encryption functions to resist attacks. CMAC chains the cipher and XORs the message blocks to generate the authentication tag.

Engineering
1 of 15
Downloaded 29 times
1
2
3
4
5
6
7
8
9
10
11
Most read
12
Most read
13
Most read
14
15
1 VADODARA INSTITUTE OF ENGINEERING ACTIVE LEARNING ASSIGNMENT Presented By: Krishna Patel 150800107047 Maitree Patel 150800107048 Meet Patel 150800107049 : TOPIC :MACs based on Hash Functions, MACs based on Block Ciphers Information and Network Security (2170709)
Content: • Message Authentication • MACs based on Hash Functions • MACs based on Block Ciphers 1. Data Authentication Algorithm ( DAA ) 2. Cipher Based Message Authentication Codes ( CMAC )
• Message authentication is concerned with:  Protecting the integrity of a message  Validating identity of originator  Non-repudiation of origin (dispute resolution) • Will consider the security requirements • Then three alternative functions used:  Message encryption  Message authentication code (MAC)  Hash function Message Authentication
MACs based on Hash Functions • Hash-based message authentication code (HMAC) is a specific construction for calculating a message authentication code (MAC) involving a cryptographic hash function in combination with a secret cryptographic key. • As with any MAC, it may be used to simultaneously verify both the data integrity and the authentication of a message. • Any cryptographic hash function, such as MD5 or SHA-1, may be used in the calculation of an HMAC; the resulting MAC algorithm is termed HMAC-MD5 or HMAC-SHA1 accordingly. • The cryptographic strength of the HMAC depends upon the cryptographic strength of the underlying hash function, the size of its hash output, and on the size and quality of the key.
MACs based on Hash Functions • Hash-based message authentication code (HMAC) provides the server and the client each with a public and private key. • The public key is known, but the private key is known only to that specific server and that specific client. • The client creates a unique HMAC, or hash, per request to the server by combing the request data and hashing that data, along with a private key and sending it as part of a request. • The server receives the request and regenerates its own unique HMAC. The server compares the two HMACs, and, if they're equal, the client is trusted and the request is executed. This process is often called a secret handshake.
MACs based on Hash Functions, MACs based on Block Ciphers
MACs based on Hash Functions HMAC can be expressed as: where K = secret key; recommended length is ≥ n; if key length is greater than b-bit block, the key is input to the hash function to produce an n-bit key M = message input to HMAC, H = cryptographic hash function, K+ = K padded with zeros on the left so that the result is b bits in length, ∥= concatenation, opad = 01011100 (5C in hexadecimal) repeated b/8 times, ipad = 00110110 (36 in hexadecimal) repeated b/8 times
MACs based on Block Ciphers • We look at two MACs that are based on the use of a block cipher mode of operation. • Data Authentication Algorithm ( DAA ) • Cipher Based Message Authentication Codes ( CMAC )
Data Authentication Algorithm • Data Authentication Algorithm(DAA) is a widely used MAC based on DES- CBC. • Send final block as the MAC or the leftmost M bits (16≤M≤64) of final block. • If necessary, the final block is padded on the right with zeroes to form a full 64-bit block. O1 = E(K, D) O2 = E(K, [D2 ⊕ O1]) O3 = E(K, [D3 ⊕ O2]) ON = E(K, [DN ⊕ ON-1])
Data Authentication Algorithm
CMAC CMAC (Cipher-based Message Authentication Code) is a block cipher based MAC algorithm. It may be used to provide assurance of the authenticity and, hence, the integrity of binary data. This mode of operation fixes security deficiencies of CBC-MAC . C1 = E(K, M1) Where, C2 = E(K, [M2 ⊕ C1] T = message authentication code, also referred to as the tag C3 = E(K, [M3 ⊕ C2]) Tlen = bit length of T Cn = E(K, [Mn ⊕ Cn-1 ⊕K1]) MSBs(X) = the s leftmost bits of thebit string X T = MSBTlen(Cn)
CMAC
CMAC Advantages • Can use existing encryption functions. • Encryption functions have properties that resist pre image and collision attacks • Disadvantage • Encryption algorithms (particularly when chained) can be much slower than hash algorithms
References • http://pubs.sciepub.com/iteces/3/1/1/ • http://www.brainkart.com/article/MACS-Based-on-Block-Ciphers--DAA- And-CMAC_8458/
Thank You

More Related Content

PPT
block ciphers
Asad Ali
 
PPTX
Block cipher modes of operation
harshit chavda
 
PPT
Block Cipher and its Design Principles
SHUBHA CHATURVEDI
 
PPTX
MD5 ALGORITHM.pptx
Rajapriya82
 
PPTX
Key Management and Distribution
Syed Bahadur Shah
 
PPTX
IP Security
Keshab Nath
 
PPTX
MAC-Message Authentication Codes
DarshanPatil82
 
PPT
Ch03
Joe Christensen
 
block ciphers
Asad Ali
 
Block cipher modes of operation
harshit chavda
 
Block Cipher and its Design Principles
SHUBHA CHATURVEDI
 
MD5 ALGORITHM.pptx
Rajapriya82
 
Key Management and Distribution
Syed Bahadur Shah
 
IP Security
Keshab Nath
 
MAC-Message Authentication Codes
DarshanPatil82
 
Ch03
Joe Christensen
 

What's hot (20)

PPT
SHA 1 Algorithm.ppt
Rajapriya82
 
PPTX
Topic1 substitution transposition-techniques
MdFazleRabbi18
 
PPTX
Elgamal & schnorr digital signature scheme copy
North Cap University (NCU) Formely ITM University
 
PPT
Message Authentication Code & HMAC
Krishna Gehlot
 
PDF
Classical encryption techniques
Dr.Florence Dayana
 
PPTX
5. message authentication and hash function
Chirag Patel
 
PPTX
Pass Structure of Assembler
International Institute of Information Technology (I²IT)
 
PPTX
Security services and mechanisms
Rajapriya82
 
PPTX
SHA- Secure hashing algorithm
Ruchi Maurya
 
PPTX
Compiler Design Unit 4
Jena Catherine Bel D
 
PPTX
CMACs and MACS based on block ciphers, Digital signature
Adarsh Patel
 
PPTX
Modern Block Cipher- Modern Symmetric-Key Cipher
Mahbubur Rahman
 
PPTX
Feistel cipher
MDKAWSARAHMEDSAGAR
 
PPTX
Product Cipher
SHUBHA CHATURVEDI
 
PDF
Mobile Network Layer
Rahul Hada
 
PDF
MD-5 : Algorithm
Sahil Kureel
 
PPT
Sliding window protocol
Shehara Abeythunga
 
PDF
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
JAINAM KAPADIYA
 
PPT
Network security cryptographic hash function
Mijanur Rahman Milon
 
PPT
Encoding Techniques
Foundation University Rawalpindi Campus
 
SHA 1 Algorithm.ppt
Rajapriya82
 
Topic1 substitution transposition-techniques
MdFazleRabbi18
 
Elgamal & schnorr digital signature scheme copy
North Cap University (NCU) Formely ITM University
 
Message Authentication Code & HMAC
Krishna Gehlot
 
Classical encryption techniques
Dr.Florence Dayana
 
5. message authentication and hash function
Chirag Patel
 
Pass Structure of Assembler
International Institute of Information Technology (I²IT)
 
Security services and mechanisms
Rajapriya82
 
SHA- Secure hashing algorithm
Ruchi Maurya
 
Compiler Design Unit 4
Jena Catherine Bel D
 
CMACs and MACS based on block ciphers, Digital signature
Adarsh Patel
 
Modern Block Cipher- Modern Symmetric-Key Cipher
Mahbubur Rahman
 
Feistel cipher
MDKAWSARAHMEDSAGAR
 
Product Cipher
SHUBHA CHATURVEDI
 
Mobile Network Layer
Rahul Hada
 
MD-5 : Algorithm
Sahil Kureel
 
Sliding window protocol
Shehara Abeythunga
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
JAINAM KAPADIYA
 
Network security cryptographic hash function
Mijanur Rahman Milon
 
Encoding Techniques
Foundation University Rawalpindi Campus
 
Ad

Similar to MACs based on Hash Functions, MACs based on Block Ciphers (20)

PDF
Computer network system presentation pdf
prajjavalsingh2629
 
PDF
Message Authentication and Hash Function.pdf
sunil sharma
 
PPT
Information and data security cryptography and network security
Mazin Alwaaly
 
PPTX
unit4- predicate logic in artificial intelligence
thirugnanasambandham4
 
PPT
Message Authentication Requirement-MAC
Sou Jana
 
PPT
Message Authentication
chauhankapil
 
PDF
Cs8792 cns - unit iv
ArthyR3
 
PDF
Cs8792 cns - unit iv
ArthyR3
 
PPT
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
jeevasreemurali
 
PDF
Cns
ArthyR3
 
PPT
ch11.ppt
ssuser4198c4
 
PPT
cryptography and network security by william stallings
HimaniP19CSE013
 
PPT
Ch11
Joe Christensen
 
PPTX
Information and network security 42 security of message authentication code
Vaibhav Khanna
 
PPT
Message Authentication: MAC, Hashes
Shafaan Khaliq Bhatti
 
PPTX
Cryptography and network_security
Janani Satheshkumar
 
PPT
ch11.ppt
SomuPatil8
 
PPT
Message authentication
CAS
 
PPTX
Hash Function
Siddharth Srivastava
 
PPT
Network Security Lec5
Federal Urdu University
 
Computer network system presentation pdf
prajjavalsingh2629
 
Message Authentication and Hash Function.pdf
sunil sharma
 
Information and data security cryptography and network security
Mazin Alwaaly
 
unit4- predicate logic in artificial intelligence
thirugnanasambandham4
 
Message Authentication Requirement-MAC
Sou Jana
 
Message Authentication
chauhankapil
 
Cs8792 cns - unit iv
ArthyR3
 
Cs8792 cns - unit iv
ArthyR3
 
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
jeevasreemurali
 
Cns
ArthyR3
 
ch11.ppt
ssuser4198c4
 
cryptography and network security by william stallings
HimaniP19CSE013
 
Ch11
Joe Christensen
 
Information and network security 42 security of message authentication code
Vaibhav Khanna
 
Message Authentication: MAC, Hashes
Shafaan Khaliq Bhatti
 
Cryptography and network_security
Janani Satheshkumar
 
ch11.ppt
SomuPatil8
 
Message authentication
CAS
 
Hash Function
Siddharth Srivastava
 
Network Security Lec5
Federal Urdu University
 
Ad

More from Maitree Patel (11)

PPTX
Form using html and java script validation
Maitree Patel
 
PPT
Software engineering Testing technique,test case,test suit design
Maitree Patel
 
PPTX
Dotnet :Attributes
Maitree Patel
 
PPTX
Advance Java
Maitree Patel
 
PPTX
Introduction of Memory Management
Maitree Patel
 
PPTX
Scheduling Definition, objectives and types
Maitree Patel
 
PPTX
Simple Mail Transfer Protocol
Maitree Patel
 
PPTX
Virtual circuit and Datagram network
Maitree Patel
 
PPTX
Gauss Quadrature Formula
Maitree Patel
 
PPT
Merge sort and Quick sort
Maitree Patel
 
PPTX
Static Import and access modifiers
Maitree Patel
 
Form using html and java script validation
Maitree Patel
 
Software engineering Testing technique,test case,test suit design
Maitree Patel
 
Dotnet :Attributes
Maitree Patel
 
Advance Java
Maitree Patel
 
Introduction of Memory Management
Maitree Patel
 
Scheduling Definition, objectives and types
Maitree Patel
 
Simple Mail Transfer Protocol
Maitree Patel
 
Virtual circuit and Datagram network
Maitree Patel
 
Gauss Quadrature Formula
Maitree Patel
 
Merge sort and Quick sort
Maitree Patel
 
Static Import and access modifiers
Maitree Patel
 

Recently uploaded (20)

PDF
Automation-in-Manufacturing-Chapter-Introduction.pdf
pcmth867
 
DOCX
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
PPTX
MCN 401 KTU-2019-PPE KITS-MODULE 2.pptx
VinayB68
 
PDF
The CXO Playbook 2025 – Future-Ready Strategies for C-Suite Leaders Cerebrai...
Cerebraix Technologies
 
PDF
Digital Logic Computer Design lecture notes
CHINNASUNKAIAH1
 
PPTX
Lecture Notes Electrical Wiring System Components
eedgecbhojpur
 
PDF
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
PDF
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
PPTX
additive manufacturing of ss316l using mig welding
premcdr7799
 
PDF
Well-logging-methods_new................
ZafriFarid
 
PDF
July 2025 - Top 10 Read Articles in International Journal of Software Enginee...
sebastianku31
 
PDF
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
PPT
Mechanical Engineering MATERIALS Selection
arsalanahmad705384
 
PPTX
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
PPTX
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
PPTX
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
PPT
CRASH COURSE IN ALTERNATIVE PLUMBING CLASS
rene militante
 
PDF
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
PPTX
FINAL REVIEW FOR COPD DIANOSIS FOR PULMONARY DISEASE.pptx
rubeshbme
 
PPTX
Construction Project Organization Group 2.pptx
vj5agdales
 
Automation-in-Manufacturing-Chapter-Introduction.pdf
pcmth867
 
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
MCN 401 KTU-2019-PPE KITS-MODULE 2.pptx
VinayB68
 
The CXO Playbook 2025 – Future-Ready Strategies for C-Suite Leaders Cerebrai...
Cerebraix Technologies
 
Digital Logic Computer Design lecture notes
CHINNASUNKAIAH1
 
Lecture Notes Electrical Wiring System Components
eedgecbhojpur
 
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
additive manufacturing of ss316l using mig welding
premcdr7799
 
Well-logging-methods_new................
ZafriFarid
 
July 2025 - Top 10 Read Articles in International Journal of Software Enginee...
sebastianku31
 
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
Mechanical Engineering MATERIALS Selection
arsalanahmad705384
 
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
CRASH COURSE IN ALTERNATIVE PLUMBING CLASS
rene militante
 
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
FINAL REVIEW FOR COPD DIANOSIS FOR PULMONARY DISEASE.pptx
rubeshbme
 
Construction Project Organization Group 2.pptx
vj5agdales
 

MACs based on Hash Functions, MACs based on Block Ciphers

  • 1. 1 VADODARA INSTITUTE OF ENGINEERING ACTIVE LEARNING ASSIGNMENT Presented By: Krishna Patel 150800107047 Maitree Patel 150800107048 Meet Patel 150800107049 : TOPIC :MACs based on Hash Functions, MACs based on Block Ciphers Information and Network Security (2170709)
  • 2. Content: • Message Authentication • MACs based on Hash Functions • MACs based on Block Ciphers 1. Data Authentication Algorithm ( DAA ) 2. Cipher Based Message Authentication Codes ( CMAC )
  • 3. • Message authentication is concerned with:  Protecting the integrity of a message  Validating identity of originator  Non-repudiation of origin (dispute resolution) • Will consider the security requirements • Then three alternative functions used:  Message encryption  Message authentication code (MAC)  Hash function Message Authentication
  • 4. MACs based on Hash Functions • Hash-based message authentication code (HMAC) is a specific construction for calculating a message authentication code (MAC) involving a cryptographic hash function in combination with a secret cryptographic key. • As with any MAC, it may be used to simultaneously verify both the data integrity and the authentication of a message. • Any cryptographic hash function, such as MD5 or SHA-1, may be used in the calculation of an HMAC; the resulting MAC algorithm is termed HMAC-MD5 or HMAC-SHA1 accordingly. • The cryptographic strength of the HMAC depends upon the cryptographic strength of the underlying hash function, the size of its hash output, and on the size and quality of the key.
  • 5. MACs based on Hash Functions • Hash-based message authentication code (HMAC) provides the server and the client each with a public and private key. • The public key is known, but the private key is known only to that specific server and that specific client. • The client creates a unique HMAC, or hash, per request to the server by combing the request data and hashing that data, along with a private key and sending it as part of a request. • The server receives the request and regenerates its own unique HMAC. The server compares the two HMACs, and, if they're equal, the client is trusted and the request is executed. This process is often called a secret handshake.
  • 7. MACs based on Hash Functions HMAC can be expressed as: where K = secret key; recommended length is ≥ n; if key length is greater than b-bit block, the key is input to the hash function to produce an n-bit key M = message input to HMAC, H = cryptographic hash function, K+ = K padded with zeros on the left so that the result is b bits in length, ∥= concatenation, opad = 01011100 (5C in hexadecimal) repeated b/8 times, ipad = 00110110 (36 in hexadecimal) repeated b/8 times
  • 8. MACs based on Block Ciphers • We look at two MACs that are based on the use of a block cipher mode of operation. • Data Authentication Algorithm ( DAA ) • Cipher Based Message Authentication Codes ( CMAC )
  • 9. Data Authentication Algorithm • Data Authentication Algorithm(DAA) is a widely used MAC based on DES- CBC. • Send final block as the MAC or the leftmost M bits (16≤M≤64) of final block. • If necessary, the final block is padded on the right with zeroes to form a full 64-bit block. O1 = E(K, D) O2 = E(K, [D2 ⊕ O1]) O3 = E(K, [D3 ⊕ O2]) ON = E(K, [DN ⊕ ON-1])
  • 11. CMAC CMAC (Cipher-based Message Authentication Code) is a block cipher based MAC algorithm. It may be used to provide assurance of the authenticity and, hence, the integrity of binary data. This mode of operation fixes security deficiencies of CBC-MAC . C1 = E(K, M1) Where, C2 = E(K, [M2 ⊕ C1] T = message authentication code, also referred to as the tag C3 = E(K, [M3 ⊕ C2]) Tlen = bit length of T Cn = E(K, [Mn ⊕ Cn-1 ⊕K1]) MSBs(X) = the s leftmost bits of thebit string X T = MSBTlen(Cn)
  • 12. CMAC
  • 13. CMAC Advantages • Can use existing encryption functions. • Encryption functions have properties that resist pre image and collision attacks • Disadvantage • Encryption algorithms (particularly when chained) can be much slower than hash algorithms

Editor's Notes

  • #4: Up till now, have been concerned with protecting message content (ie secrecy) by encrypting the message. Will now consider how to protect message integrity (ie protection from modification), as well as confirming the identity of the sender. Generically this is the problem of message authentication, and in eCommerce applications is arguably more important than secrecy.