Message authentication for information security

Concept

Authentication: the process of verifying whether something is what it claims to be, or whether it is valid.

The difference between authentication and encryption:

  • Encryption is used to ensure the confidentiality of data and prevent passive attacks by opponents, such as interception and eavesdropping.
  • Authentication is used to ensure the authenticity of the sender and receiver of the message and the integrity of the original text, and prevent the adversary's active attacks, such as impersonation, tampering, and replay.

Authentication is often the first line of defense for security protection in application systems, and is extremely important (to ensure the legitimacy of users).

The difference between MAC function and encryption function

  • MAC functions are similar to encryption functions, and both require the participation of plain text, keys, and algorithms.
  • But the MAC algorithm does not require reversibility, and the encryption algorithm must be reversible.
  • For example: with a 100-bit message and a 10-bit MAC, there are 2^100 different messages in total but only 2^10 different MACs. In other words, on average each MAC value is shared by 2^90 messages.
  • Therefore, the authentication function is less likely to be broken than the encryption function, because even if it is broken, the correctness of the result cannot be verified. The key point is that the encryption function is one-to-one, while the authentication function is many-to-one.
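
The many-to-one property, scaled down so it can be enumerated (an added example, not from the original post): a toy 10-bit MAC made by truncating HMAC-SHA256, with a 16-bit message space and a 16-bit key space as assumptions in place of the 100-bit messages above. It counts how many messages share each tag and how many keys reproduce the same observed (message, tag) pairs, which is why a single recovered candidate cannot be confirmed as correct.

```python
import hashlib
import hmac
from collections import Counter

TAG_BITS = 10  # MAC length used in the text
MSG_BITS = 16  # assumption: scaled down from 100 bits so every message can be enumerated
KEY_BITS = 16  # assumption: toy key space, small enough to enumerate

def tag(key: int, msg: int) -> int:
    """Toy MAC: HMAC-SHA256 truncated to its first TAG_BITS bits."""
    mac = hmac.new(key.to_bytes(2, "big"), msg.to_bytes(2, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:2], "big") >> (16 - TAG_BITS)

def messages_per_tag(key: int) -> Counter:
    """How many of the 2^MSG_BITS messages map to each tag value under one key."""
    return Counter(tag(key, m) for m in range(2 ** MSG_BITS))

def consistent_keys(pairs) -> list:
    """Every key that reproduces all observed (message, tag) pairs."""
    return [k for k in range(2 ** KEY_BITS) if all(tag(k, m) == t for m, t in pairs)]

if __name__ == "__main__":
    key = 0xBEEF  # constructed sample key
    counts = messages_per_tag(key)
    print(f"{2 ** MSG_BITS} messages share {len(counts)} tags, "
          f"about {2 ** MSG_BITS // len(counts)} messages per tag")
    observed = [(m, tag(key, m)) for m in (1, 2, 3)]  # constructed sample messages
    for n in (1, 2, 3):
        print(f"{n} observed pair(s): {len(consistent_keys(observed[:n]))} keys still fit")
```

With these sizes roughly 2^6 messages share each tag, the scaled-down counterpart of the 2^90 figure above.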

MD5 algorithm block diagram

The input message can be any length, and the compressed output is 128 bits.

Algorithm step (1)-block padding

  • If the message length is greater than 2^64, take it modulo 2^64.
  • After padding, the message length is a multiple of 512 bits (say L × 512), so the message can be expressed as a sequence of 512-bit blocks Y_0, Y_1, ..., Y_{L-1}. Each block can be expressed as 16 32-bit words, so the total number of words in the message is N = L × 16, and the message can be written word by word as M[0, ..., N-1].

Algorithm step (2)-buffer initialization

The intermediate and final results of the hash function are stored in a 128-bit buffer, represented as four 32-bit registers (words): A, B, C, D. Their initial values, in hexadecimal, are

A=01234567
B=89ABCDEF
C=FEDCBA98
D=76543210

Algorithm step (3) - H_MD5 operation

  • The message is processed block by block. Each block Y_q (q = 0, ..., L-1) is processed by a compression function H_MD5. H_MD5 is the core of the algorithm and consists of 4 rounds of processing.
  • The 4 rounds of H_MD5 have the same structure but use different logic functions, denoted F, G, H, and I respectively. The input of each round is the message block Y_q currently being processed and the current buffer values A, B, C, and D; the output is written back to the buffer as the new A, B, C, and D.
  • Each round consists of 16 iterations, so the 4 rounds take 64 steps in total.
  • The output of the fourth round is added to the input of the first round to get the final output.

[Figure: one-step iteration in the compression function]

Basic logic functions of the compression function
[Figure: definitions of the basic logic functions F, G, H, I]

X[k]: the k-th 32-bit word of the current block.

T[i]

T[1, ..., 64] is a table of 64 elements, divided into four groups that take part in the four rounds of calculation. T[i] = the integer part of 2^32 × abs(sin(i)), where i is in radians. Each T[i] can be represented as a 32-bit binary number; its purpose is to take part in the calculation so as to eliminate regularity in the input data.

CLS_s: rotate left by s positions

First round: 7, 12, 17, 22
Second round: 5, 9, 14, 20
Third round: 4, 11, 16, 23
Fourth round: 6, 10, 15, 21
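
Steps (1) to (3) put together as an added example (not code from the original post): a from-scratch MD5 in Python, with function names that are this example's own. The padding rule and the logic functions F, G, H, I follow RFC 1321; A to D are written as 32-bit word values, which stored low-order byte first give the byte strings 01234567, 89ABCDEF, ... listed above.

```python
import math
import struct

# Left-rotation amounts (CLS_s) for the 16 steps of each of the four rounds.
S = [7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 + [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4
# T[i] = integer part of 2^32 * abs(sin(i)), i in radians, i = 1..64 (stored 0-based here).
T = [int(2 ** 32 * abs(math.sin(i + 1))) for i in range(64)]
MASK = 0xFFFFFFFF

def rotl(x: int, s: int) -> int:
    return ((x << s) | (x >> (32 - s))) & MASK

def pad(msg: bytes) -> bytes:
    """Step 1: a 1 bit, zeros up to 448 mod 512 bits, then the bit length mod 2^64."""
    bit_len = (8 * len(msg)) % 2 ** 64
    return msg + b"\x80" + b"\x00" * ((55 - len(msg)) % 64) + struct.pack("<Q", bit_len)

def md5_hex(msg: bytes) -> str:
    # Step 2: A..D as 32-bit words; in memory (low-order byte first) they read 01 23 45 67 ...
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    data = pad(msg)
    for off in range(0, len(data), 64):          # step 3: one 512-bit block Y_q at a time
        x = struct.unpack("<16I", data[off:off + 64])   # X[0..15], little-endian words
        a, b, c, d = state
        for i in range(64):                      # 4 rounds of 16 steps
            if i < 16:
                f, k = (b & c) | (~b & d), i                  # F
            elif i < 32:
                f, k = (b & d) | (c & ~d), (5 * i + 1) % 16   # G
            elif i < 48:
                f, k = b ^ c ^ d, (3 * i + 5) % 16            # H
            else:
                f, k = c ^ (b | ~d), (7 * i) % 16             # I
            f = (f + a + T[i] + x[k]) & MASK
            a, d, c, b = d, c, b, (b + rotl(f, S[i])) & MASK
        # The output of the fourth round is added to the input of the first round.
        state = [(s + v) & MASK for s, v in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state).hex()
```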

SHA-1 algorithm description

Message padding: exactly the same as MD5
Appended message length: 64 bits
Buffer initialization:
A=67452301
B=EFCDAB89
C=98BADCFB
D=10325476
E=C3D2E1F0

Block processing

SHA-1 compression function (single step)

f_t: basic logic function

W_t: 32-bit word derived from the current 512-bit input block

The first 16 values (i.e. W_0, W_1, ..., W_15) are taken directly from the 16 corresponding words of the input block, and the remaining values (i.e. W_16, W_17, ..., W_79) are taken as
[Figure: formula for W_16, ..., W_79]

K_t: additive constant

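
The SHA-1 pieces named above (W_t, f_t, K_t and the single-step update) assembled into a working hash, as an added example that is not code from the original post; function names are this example's own. The f_t, K_t and W_t definitions are taken from the FIPS 180 specification, and the C register uses the FIPS value 98BADCFE, where the initialization list above prints 98BADCFB.

```python
import struct

MASK = 0xFFFFFFFF

def rotl(x: int, s: int) -> int:
    return ((x << s) | (x >> (32 - s))) & MASK

def schedule(block: bytes) -> list:
    """W_0..W_15 are the block's 16 big-endian words; W_16..W_79 are derived from them."""
    w = list(struct.unpack(">16I", block))
    for t in range(16, 80):
        w.append(rotl(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], 1))
    return w

def f_k(t: int, b: int, c: int, d: int):
    """Basic logic function f_t and additive constant K_t for step t (FIPS 180)."""
    if t < 20:
        return (b & c) | (~b & d), 0x5A827999
    if t < 40:
        return b ^ c ^ d, 0x6ED9EBA1
    if t < 60:
        return (b & c) | (b & d) | (c & d), 0x8F1BBCDC
    return b ^ c ^ d, 0xCA62C1D6

def sha1_hex(msg: bytes) -> str:
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0]  # A..E
    # Same padding layout as MD5, but the 64-bit length is stored big-endian.
    bit_len = struct.pack(">Q", (8 * len(msg)) % 2 ** 64)
    data = msg + b"\x80" + b"\x00" * ((55 - len(msg)) % 64) + bit_len
    for off in range(0, len(data), 64):
        w = schedule(data[off:off + 64])
        a, b, c, d, e = h
        for t in range(80):                      # 80 single steps per block
            f, k = f_k(t, b, c, d)
            a, b, c, d, e = (rotl(a, 5) + f + e + k + w[t]) & MASK, a, rotl(b, 30), c, d
        h = [(x + y) & MASK for x, y in zip(h, (a, b, c, d, e))]
    return struct.pack(">5I", *h).hex()
```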

Origin blog.csdn.net/qq_44273429/article/details/112336051