Message authentication

In information security, message authentication or data origin authentication is a property that a message has not been modified while in transmission (data integrity) and that the receiving party can verify the source of the message.^[1] Message authentication does not necessarily include the property of non-repudiation.^[2]^[3]

Message authentication is typically achieved by using message authentication codes (MACs), authenticated encryption (AE) or digital signatures.^[2] The message authentication code, also known as digital authenticator, is used as an integrity check based on a secret key shared by two parties to authenticate information transmitted between them.^[4] It is based on using a cryptographic hash or symmetric encryption algorithm.^[5] The authentication key is only shared by at least two parties or two communicating devices but it will fail in the existence of a third party since the algorithm will no longer be effective in detecting forgeries.^[6] In addition, the key must also be randomly generated to avoid its recovery through brute force searches and related key attacks designed to identify it from the messages transiting the medium.^[6]

Some cryptographers distinguish between "message authentication without secrecy" systems -- which allow the intended receiver to verify the source of the message, but don't bother hiding the plaintext contents of the message -- from authenticated encryption systems.^[7] Some cryptographers have researched subliminal channel systems that send messages that appear to use a "message authentication without secrecy" system, but in fact also transmit a secret message.

References

^ Mihir Bellare. "Chapter 7: Message Authentication" (PDF). CSE 207: Modern Cryptography. {{cite book}}: |work= ignored (help)
^ ^a ^b "Chapter 9 - Hash Functions and Data Integrity" (PDF). Handbook of Applied Cryptography. p. 361. {{cite book}}: Unknown parameter |authors= ignored (help)
^ "Data Origin Authentication". Web Service Security. Microsoft Developer Network.
^ Patel, Dhiren (2008). Information Security: Theory and Practice. New Delhi: Prentice Hall India Private Lt. p. 124. ISBN 9788120333512.
^ Jacobs, Stuart (2011). Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance. Hoboken, NJ: John Wiley & sons. p. 108. ISBN 9780470565124.
^ ^a ^b Vacca, John (2009). Computer and Information Security Handbook. Burlington, MA: Morgan Kaufmann Publishers. pp. 111–112. ISBN 9780123743541.
^ G. Longo, M. Marchi, A. Sgarro "Geometries, Codes and Cryptography". p. 188.

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

[cse207-1] Mihir Bellare. "Chapter 7: Message Authentication" (PDF). CSE 207: Modern Cryptography. {{cite book}}: |work= ignored (help)

[hac-2] "Chapter 9 - Hash Functions and Data Integrity" (PDF). Handbook of Applied Cryptography. p. 361. {{cite book}}: Unknown parameter |authors= ignored (help)

[msdn-3] "Data Origin Authentication". Web Service Security. Microsoft Developer Network.

[4] Patel, Dhiren (2008). Information Security: Theory and Practice. New Delhi: Prentice Hall India Private Lt. p. 124. ISBN 9788120333512.

[5] Jacobs, Stuart (2011). Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance. Hoboken, NJ: John Wiley & sons. p. 108. ISBN 9780470565124.

[:0-6] Vacca, John (2009). Computer and Information Security Handbook. Burlington, MA: Morgan Kaufmann Publishers. pp. 111–112. ISBN 9780123743541.

[7] G. Longo, M. Marchi, A. Sgarro "Geometries, Codes and Cryptography". p. 188.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

See also

References