
Unit III


Message Authentication Algorithms and Hash Function

Authentication Requirements, Functions, Message Authentication Codes, Hash Functions, Secure Hash Algorithms, Whirlpool, HMAC, CMAC, Digital Signatures, Knapsack Algorithm, Authentication Applications: Kerberos, X.509 Authentication Services, Public-Key Infrastructure, Biometric Authentication

• Message authentication is a procedure to verify that received messages come from the
alleged source and have not been altered.
• Message authentication may also verify sequencing and timeliness.
• It is intended to counter attacks such as content modification, sequence modification, timing modification and repudiation.
• Repudiation is countered using digital signatures.
• The functions that may be used to produce an authenticator fall into three classes:
  • Message encryption: The ciphertext of the entire message serves as its authenticator.
  • Message authentication code (MAC): A function of the message and a secret key that produces a fixed-length value (output) that serves as the authenticator: C(M,K).
  • Hash function: A function that maps a message of any length into a fixed-length hash value, which serves as the authenticator: H(M) = h, the fixed-length hash code.
MESSAGE ENCRYPTION:
• Message encryption by itself can provide a measure of authentication. The analysis
differs for conventional and public-key encryption schemes.
• The message must have come from the sender itself, because the ciphertext can be
decrypted using his (secret or public) key.
• Also, none of the bits in the message have been altered because an opponent does not
know how to manipulate the bits of the ciphertext to induce meaningful changes to the
plaintext.
• Often one needs authentication schemes other than just encrypting the message.
• Sometimes one needs to avoid encryption of full messages due to legal requirements.
• Encryption and authentication may be separated in the system architecture.
• Message encryption can provide authentication and confidentiality in different ways.
• These ways, for both symmetric and asymmetric encryption techniques, are explained in the table below:
Message Authentication Code (MAC)

• An alternative authentication technique involves the use of a secret key to generate a small fixed-size block of data, known as a cryptographic checksum or MAC, which is appended to the message.
• This technique assumes that both communicating parties, say A and B, share a common secret key K.
• When A has a message to send to B, it calculates the MAC as a function C of the key and the message, given as:
MAC = C_K(M)
• The message and the MAC are transmitted to the intended recipient, who upon receiving performs the same calculation on the received message, using the same secret key to generate a new MAC.
• The received MAC is compared to the calculated MAC, and only if they match:
  • The receiver is assured that the message has not been altered: if any alterations have been made, the MACs do not match.
  • The receiver is assured that the message is from the alleged sender: no one except the sender has the secret key and could prepare a message with a proper MAC.
  • If the message includes a sequence number, then the receiver is assured of proper sequence, as an attacker cannot successfully alter the sequence number.
• Basic uses of Message Authentication Code (MAC) are shown in the figure:
There are three different situations where use of a MAC is desirable:

1. If a message is broadcast to several destinations in a network (such as a military control center, data center, internet companies etc.), it is cheaper and more reliable to have just one node responsible for evaluating the authenticity. The message will be sent in plain with an attached authenticator.

2. If one side has a heavy load, it cannot afford to decrypt all messages. It will just check the authenticity of some randomly selected messages.

3. Authentication of computer programs in plaintext is a very attractive service, as they need not be decrypted every time, which wastes processor resources. Integrity of the program can always be checked by MAC.

Hash function
• A variation on the message authentication code is the one-way hash function.
• As with the message authentication code, the hash function accepts a variable-size message M as input and produces a fixed-size hash code H(M), sometimes called a message digest, as output.
• The hash code is a function of all bits of the message and provides an error-detection capability: a change to any bit or bits in the message results in a change to the hash code.
• A variety of ways in which a hash code can be used to provide message authentication is shown below and explained stepwise in the table.
• Encryption software is quite slow and may be covered by patents.
• Also, encryption hardware costs are not negligible and the algorithms are subject to U.S. export control.
• A fixed-length hash value h is generated by a function H that takes as input a message of arbitrary length:
h = H(M)
• The sender sends M and H(M); the receiver authenticates the message by computing H(M) and checking the match.

Secure Hash Algorithm

• The secure hash algorithm (SHA) was developed by the National Institute of Standards and Technology (NIST).
• SHA-1 is the best established of the existing SHA hash functions, and is employed in several widely used security applications and protocols.
• The algorithm takes as input a message with a maximum length of less than 2^64 bits and produces as output a 160-bit message digest.
• The input is processed in 512-bit blocks.
• The overall processing of a message follows the structure of MD5, with a block length of 512 bits and a hash length and chaining variable length of 160 bits.
• The processing consists of the following steps:
  • Append Padding Bits: The message is padded so that its length is congruent to 448 modulo 512. Padding is always added: a single 1 bit followed by the necessary number of 0 bits.
  • Append Length: A block of 64 bits containing the length of the original message is added.
  • Initialize MD buffer: A 160-bit buffer is used to hold intermediate and final results of the hash function. It is formed by the 32-bit registers A, B, C, D, E. Initial values: A=0x67452301, B=0xEFCDAB89, C=0x98BADCFE, D=0x10325476, E=0xC3D2E1F0. The values are stored in big-endian format, i.e. the most significant bit in low address.
  • Process message in 512-bit (16-word) blocks:
    • The processing of a single 512-bit block is shown above.
    • It consists of four rounds of processing of 20 steps each.
    • These four rounds have a similar structure, but each uses a different primitive logical function, which we refer to as f1, f2, f3 and f4.
    • Each round takes as input the current 512-bit block being processed and the 160-bit buffer value ABCDE, and updates the contents of the buffer.
    • Each round also makes use of four distinct additive constants Kt.
    • The output of the fourth round, i.e. the eightieth step, is added to the input to the first round to produce CVq+1.
  • Output: After all L 512-bit blocks have been processed, the output from the Lth stage is the 160-bit message digest.
• Where:
  • IV = initial value of the ABCDE buffer
  • ABCDEq = output of the last round of processing of the qth message block
  • L = number of blocks in the message
  • SUM32 = addition modulo 2^32
  • MD = final message digest value
HMAC (Hash-based Message Authentication Code) and CMAC (Cipher-based Message Authentication Code) are both cryptographic techniques used for generating message authentication codes (MACs), which are used to verify the integrity and authenticity of a message. However, they differ in their underlying mechanisms and applications:
HMAC (Hash-based Message Authentication Code):
• HMAC is a construction for creating a MAC using a cryptographic hash function (e.g., SHA-256, SHA-3).
• It operates by combining the message with a secret key and hashing the result with a cryptographic hash function.
• HMAC provides a way to verify both the data integrity and the authenticity of a message.
• HMAC is widely used in various network security protocols such as TLS (Transport Layer Security), IPsec (Internet Protocol Security), and SSH (Secure Shell).
CMAC (Cipher-based Message Authentication Code):
• CMAC is a block cipher-based MAC algorithm, which means it uses symmetric key block ciphers (such as AES) to generate MACs.
• It operates by encrypting the message with a symmetric key using a block cipher, then performing additional processing to derive the final MAC.
• CMAC is designed to provide stronger security properties than older block cipher MACs (such as CBC-MAC) and is resistant to certain cryptographic attacks.
• CMAC is commonly used in protocols such as IEEE 802.11i (Wi-Fi Protected Access 2 - WPA2) for securing wireless communications.
HMAC
• Interest in developing a MAC derived from a hash function has been increasing, mainly because hash functions are generally faster and are also not limited by export restrictions, unlike block ciphers.
• An additional reason is that the library code for cryptographic hash functions is widely available.
• The original proposal is for incorporation of a secret key into an existing hash algorithm, and the approach that received most support is HMAC.
• HMAC is specified as Internet standard RFC 2104. It makes use of the hash function on the given message. Any of MD5, SHA-1, RIPEMD-160 can be used.
HMAC Design Objectives:
1. To use, without modifications, available hash functions
2. To allow for easy replaceability of the embedded hash function
3. To preserve the original performance of the hash function
4. To use and handle keys in a simple way
5. To have a well understood cryptographic analysis of the strength of the MAC based on reasonable assumptions on the embedded hash function
• The first two objectives are very important for the acceptability of HMAC.
• HMAC treats the hash function as a “black box”, which has two benefits.
• First, an existing implementation of the hash function can be used for implementing HMAC, making the bulk of HMAC code readily available without modification.
• Second, if ever an existing hash function is to be replaced, the existing hash function module is removed and the new module is dropped in.
• The last design objective provides the main advantage of HMAC over other proposed hash-based schemes.
• HMAC can be proven secure provided that the embedded hash function has some reasonable cryptographic strengths.
Steps involved in HMAC algorithm:
1. Append zeroes to the left end of K to create a b-bit string K (ex: If K is of length 160 bits and b = 512, then K will be appended with 44 zero bytes).
2. XOR (bitwise exclusive-OR) K with ipad to produce the b-bit block Si.
3. Append M to Si.
4. Now apply H to the stream generated in step 3.
5. XOR K with opad to produce the b-bit block So.
6. Append the hash result from step 4 to So.
7. Apply H to the stream generated in step 6 and output the result.
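The seven steps, together with the receiver-side MAC comparison and sequence-number check described in the MAC section, as an added example (not code from the original slides). It follows RFC 2104, which the slides cite: the zero bytes are placed after the key bytes and ipad/opad are the bytes 0x36 and 0x5C repeated, so the output matches Python's `hmac` module. The names `hmac_by_steps`, `send`, `Receiver` and `KEY`, and the frame layout, are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

IPAD, OPAD = 0x36, 0x5C  # RFC 2104 constants, repeated across the block


def hmac_by_steps(key: bytes, message: bytes, hash_name: str = "sha1") -> bytes:
    """HMAC built from the seven steps, treating H as a black box."""
    def H(data: bytes) -> bytes:
        return hashlib.new(hash_name, data).digest()

    b = hashlib.new(hash_name).block_size      # block size in bytes (64 = 512 bits)
    if len(key) > b:                           # RFC 2104: keys longer than b are hashed
        key = H(key)
    k_pad = key + b"\x00" * (b - len(key))     # step 1: zero-pad K to b bits
    s_i = bytes(x ^ IPAD for x in k_pad)       # step 2: Si = K XOR ipad
    inner = H(s_i + message)                   # steps 3-4: H(Si || M)
    s_o = bytes(x ^ OPAD for x in k_pad)       # step 5: So = K XOR opad
    return H(s_o + inner)                      # steps 6-7: H(So || inner)


def send(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender A: frame = 8-byte sequence number || payload || MAC."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac_by_steps(key, body)


class Receiver:
    """Receiver B: recompute the MAC, compare, then check the sequence number."""
    TAG_LEN = hashlib.sha1().digest_size

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes):
        """Return the payload if the frame is authentic and in order, else None."""
        if len(frame) < 8 + self.TAG_LEN:
            return None
        body, tag = frame[:-self.TAG_LEN], frame[-self.TAG_LEN:]
        # Constant-time comparison avoids leaking how many tag bytes matched.
        if not hmac.compare_digest(hmac_by_steps(self.key, body), tag):
            return None                        # altered, or not from the key holder
        seq = struct.unpack(">Q", body[:8])[0]
        if seq <= self.last_seq:
            return None                        # replayed or out-of-sequence frame
        self.last_seq = seq
        return body[8:]


KEY = b"constructed-demo-key"  # constructed sample key, 20 bytes (160 bits)

if __name__ == "__main__":
    rx = Receiver(KEY)
    frame = send(KEY, 0, b"pay 10")
    print(rx.accept(frame), rx.accept(frame))  # second call is a replay
```

Because the sequence number is covered by the MAC, a replayed frame carries a valid tag but a stale number, and a frame with a rewritten number fails the tag check.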
Direct Digital Signature
• Direct Digital Signatures involve the direct application of public-key algorithms
involving only the communicating parties.
• A digital signature may be formed by encrypting the entire message with the sender’s
private key, or by encrypting a hash code of the message with the sender’s private key.
• Confidentiality can be provided by further encrypting the entire message plus
signature using either public or private key schemes.
• It is important to perform the signature function first and then an outer confidentiality function, since in case of dispute some third party must view the message and its signature.
• But these approaches are dependent on the security of the sender’s private key.
• There will be problems if it is lost or stolen and signatures are forged.
• Timestamps and timely key revocation are needed.
Arbitrated Digital Signature
• The problems associated with direct digital signatures can be addressed by using an
arbiter, in a variety of possible arrangements.
• The arbiter plays a sensitive and crucial role in this sort of scheme, and all parties must
have a great deal of trust that the arbitration mechanism is working properly.
• These schemes can be implemented with either private or public-key algorithms, and
the arbiter may or may not see the actual message contents.
Using Conventional encryption

Using Public Key Encryption


Kerberos provides a centralized authentication server whose function is to authenticate users to servers and servers to users.
In Kerberos, an authentication server and a database are used for client authentication.
Kerberos runs as a third-party trusted server known as the Key Distribution Center (KDC).
Each user and service on the network is a principal.
The main components of Kerberos are:
Authentication Server (AS):
The Authentication Server performs the initial authentication and issues the ticket for the Ticket Granting Service.
Database:
The Authentication Server verifies the access rights of users in the database.
Ticket Granting Server (TGS):
The Ticket Granting Server issues the ticket for the Server.
Step-1:
The user logs in and requests services on the host. Thus the user requests the ticket-granting service.

Step-2:
The Authentication Server verifies the user’s access rights using the database and then gives the ticket-granting ticket and session key. The results are encrypted using the password of the user.

Step-3:
The message is decrypted using the password, and the ticket is then sent to the Ticket Granting Server. The ticket contains authenticators like user names and network addresses.

Step-4:
The Ticket Granting Server decrypts the ticket sent by the user, the authenticator verifies the request, and the server then creates the ticket for requesting services from the Server.

Step-5:
The user sends the ticket and authenticator to the Server.

Step-6:
The server verifies the ticket and authenticators, then grants access to the service. After this the user can access the services.
Applications:
User Authentication: User Authentication is one of the main applications
of Kerberos. Users only have to input their username and password once with Kerberos
to gain access to the network. The Kerberos server subsequently receives the encrypted
authentication data and issues a ticket granting ticket (TGT).
Single Sign-On (SSO): Kerberos offers a Single Sign-On (SSO) solution that enables users
to log in once to access a variety of network resources. A user can access any network
resource they have been authorized to use after being authenticated by the Kerberos
server without having to provide their credentials again.
Mutual Authentication: Before any data is transferred, Kerberos uses a mutual
authentication technique to make sure that both the client and server are authenticated.
Using a shared secret key that is securely kept on both the client and server, this is
accomplished. A client asks the Kerberos server for a service ticket whenever it tries to
access a network resource. The client must use its shared secret key to decrypt the
challenge that the Kerberos server sends via encryption. If the decryption is successful,
the client responds to the server with evidence of its identity.
Authorization: Kerberos also offers a system for authorization in addition to
authentication. After being authenticated, a user can submit service tickets for certain
network resources. Users can access just the resources they have been given permission
to use thanks to information about their privileges and permissions contained in the
service tickets.
Network Security: Kerberos offers a central authentication server that can regulate user
credentials and access restrictions, which helps to ensure network security. In order to
prevent unwanted access to sensitive data and resources, this server may authenticate
users before granting them access to network resources.
X.509 Authentication Service
X.509 is a digital certificate that is built on top of a widely trusted standard known as ITU
or International Telecommunication Union X.509 standard, in which the format of PKI
certificates is defined.
X.509 digital certificate is a certificate-based authentication security framework that can
be used for providing secure transaction processing and private information.
These are primarily used for handling the security and identity in computer networking
and internet-based communications.
Generally, the certificate includes the elements given below:
Version number: It defines the X.509 version that applies to the certificate.
Serial number: It is the unique number that the certification authority issues.
Signature Algorithm Identifier: This is the algorithm that is used for signing the certificate.
Issuer name: Gives the X.500 name of the certification authority which signed and created the certificate.
Period of Validity: It defines the period for which the certificate is valid.
Subject Name: Gives the name of the user to whom this certificate has been issued.
Subject’s public key information: It defines the subject’s public key along with an identifier of the algorithm for which this key is supposed to be used.
Extension block: This field contains additional standard information.
Signature: This field contains the hash code of all other fields, which is encrypted with the certification authority's private key.
Authentication Procedures: One-Way Authentication

Two-Way Authentication:

Three-Way Authentication
Kerberos version 5
Realm: Indicates the realm of the user. A realm is a security policy domain defined for a web or application server.
Options: Used to request that certain flags be set in the returned ticket
Times: Used by the client to request the following time settings in the ticket:
• from: the desired start time for the requested ticket
• till: the requested expiration time for the requested ticket
• rtime: requested renew-till time
Nonce: A random value to be repeated in message to assure that the response is fresh and
has not been replayed by an opponent
Subkey: The client’s choice for an encryption key to be used to protect this specific
application session. If this field is omitted, the session key from the ticket (Kc,v) is used.

Sequence number: starting sequence number to be used by the server for messages sent
to the client during this session. Messages may be sequence numbered to detect replays.
BIOMETRIC AUTHENTICATION
• Biometric authentication is a type of system that relies on the unique biological
characteristics of individuals to verify identity for secure access to electronic systems.
• Biometric verification is considered a subset of biometric authentication.
• It is based on the ways in which individuals can be uniquely identified through one or more distinguishing biological traits: fingerprints, hand geometry, earlobe geometry, retina and iris patterns, voice waves, keystroke dynamics, DNA and signatures.
• Biometric authentication is the application of that proof of identity, i.e. validating a user.
• They are used to secure a wide range of electronic communications, including enterprise security, online commerce and banking, and even just logging into a computer or smartphone.
• Biometric authentication systems compare the current biometric data capture to stored, confirmed authentic data in a database.
• If both samples of the biometric data match, authentication is confirmed and access is granted. The process is sometimes part of a multifactor authentication system.
• For example, a smartphone user might log on with his personal identification number
(PIN) and then provide an iris scan to complete the authentication process.
• Types of biometric authentication technologies:
• Retina scan: Iris recognition is used to identify individuals based on unique patterns
within the ring shaped region surrounding the pupil of the eye.
• Finger scanning, the digital version of the ink-and-paper fingerprinting process, works with details in the pattern of raised areas and branches in a human finger image.
• Finger vein ID is based on the unique vascular pattern in an individual's finger.
• Facial recognition systems work with numeric codes called faceprints, which identify 80
nodal points on a human face.
• Voice identification systems rely on characteristics created by the shape of the
speaker's mouth and throat, rather than more variable conditions.
• Once seen mostly in spy movies (where it might be used to protect access to a top-
secret military lab, for example), biometric authentication is becoming relatively
commonplace.
• In addition to the security provided by hard-to-fake individual biological traits, the
acceptance of biometric verification has also been driven by
• The history of biometric verification:
• The oldest known use of biometric verification is fingerprinting.
• Thumbprints made on clay seals were used as a means of unique identification as far
back as ancient China.
• Modern biometric verification has become almost instantaneous, and is increasingly
accurate with the advent of computerized databases and the digitization of analog data.
• The market for biometrics products is still too fractured to name specific top providers.
• The physical characteristics of the biometrics products available today vary from the
mundane, such as fingerprinting, to the esoteric, like typing speeds and
electrophysiological signals
• Until recently, biometrics was typically used at a physical security level, protecting facilities at military bases or impenetrable bank vaults, for example.
• But, because single-factor authentication methods are easy to break, companies have started looking to two-factor solutions, like biometrics.
• However, the following five fundamental barriers may limit the growth of biometric
authentication:
