Message Integrity
· Encryption and decryption provide security (confidentiality), but not integrity.
· The integrity algorithms enable the receiver to check whether the message sent by the sender has been altered in any manner during its transit.
· In these algorithms, a cryptographic integrity checksum is calculated and attached to the message by the sender.
· The receiver recalculates the checksum at its end and compares it with the received checksum. If they are the same, the message is intact (see fig.).
· Examples of checksum algorithms are:
1. Message Digest 5 (MD5)
2. Secure Hash Algorithm (SHA)
Message Digest 5 (MD5)
· There are a number of popular message digest algorithms known as MDn for various values of n.
· MD5 is the most popular and is the fifth in a series of message digests designed by Ronald Rivest.
· The basic operation of MD5 is shown in fig.
· This algorithm operates on the message 512 bits at a time.
· Messages that are not a multiple of 512 bits are padded with:
1. A string consisting of 1 followed by zeroes, and
2. A 64-bit integer that indicates the length of the original message, to make the length of the composite message a multiple of 512 bits.
· The message digest calculation begins with a digest value initialized to a constant.
· This value is combined with the first 512 bits of the message to produce a new value for the digest (see fig.).
· The new value is then combined with the next 512 bits of the message using the same transformation.
· This process is repeated on each 512-bit block till the final value of the digest is obtained from the last block of the message.
· The digest is 128 bits long for any message length.
Secure Hash Algorithm-1 (SHA-1)
· Secure Hash Algorithm (SHA) was developed in 1993 by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).
· It was designed as the algorithm to be used for hashing in the US Digital Signature Standard.
· A hashing function is one of the most commonly used encryption methods. A hash is a special mathematical function that performs one-way encryption.
· SHA-1 is a revised version of SHA designed by NIST and was published as a Federal Information Processing Standard (FIPS).
· Like MD5, SHA-1 processes input data in 512-bit blocks.
· SHA-1 generates a 160-bit message digest, whereas MD5 generates a message digest of 128 bits.
· The procedure is used to send a non-secret but signed message from sender to receiver. In such a case, the following steps are followed:
1. Sender feeds a plaintext message into SHA-1 algorithm and obtains a 160-bit SHA-1 hash (see fig.).
2. Sender then signs the hash with his RSA private key and sends both the plaintext message and the signed hash to the receiver.
3. After receiving the message, the receiver computes the SHA-1 hash himself and also applies the sender's public key to the signed hash to obtain the original hash H.