- Forward


Message Integrity and Authentication
An Introduction


Prof. David Bernstein
James Madison University

Computer Science Department
bernstdh@jmu.edu

Print

Message Integrity and Authentication
Back SMYC Forward
  • The Situation:
    • Alice sends a message to Bob
  • The Issues:
    • Bob wants to verify that the message came from Alice
    • Bob wants to verify that the message wasn't tampered with
Digital Signatures
Back SMYC Forward
  • Creation:
    1. A's message is hashed to create the message digest
    2. The message digest is encrypted using A's private key to create a digital signature
  • Transmission and Use:
    1. A's message and digital signature are transmitted to B
    2. A's message is hashed to create the message digest
    3. A's digital signature is decrypted using A's public key to create the verification value
    4. B compares the message digest and verification value to see if they are identical
Certification
Back SMYC Forward
  • Certificate:
    • A digitally signed statement that provides independent confirmation of an attribute claimed by an individual/organization
  • Certification Authority (CA):
    • A public or private organization that acts as a "trusted third party" in the issuance of certificates (e.g., VeriSign, CyberTrust)
Certification (cont.)
Back SMYC Forward
  • Identifying Certificate:
    • Binds a name to a public key (i.e., identifies the source of a public key)
  • Authorizing Certificate:
    • Provides authorization information (e.g., age, membership status, residence)
  • Transactional Certificate:
    • Attests to some fact about a transaction (e.g., a cyber notary)
There's Always More to Learn
Back -