message authentication in computationally constrained environment ppt
DESCRIPTION
PPT for message authentuicationTRANSCRIPT
Message Authentication in ComputationallyConstrained Environments
PROJECT BY,
Baskaran.B(31606104005)Jeyakumar.J(31606104015)Ramanathan.K(31606104037)
ABSTRACT
RFID and Wireless Sensor Networks serve as an computationally constrained environments. It support security applications such as message integrity, authentication, and time stamping.
It can be efficiently implemented by Hash Message Authentication Codes (HMAC). As clearly stated in the literature, current approved implementations of HMAC require resources that cannot be supported in constrained components. An approach to implement a compact HMAC by the use of stream ciphering is presented in this paper.
INTRODUCTIONINTRODUCTION
MESSAGE integrity and authenticity are essential in MESSAGE integrity and authenticity are essential in security-related communications.security-related communications.
A receiver is expected to be able to verify that a received A receiver is expected to be able to verify that a received message, originally transmitted by a valid source, was not message, originally transmitted by a valid source, was not changed.changed.
Message integrity and authenticity is usually verified using Message integrity and authenticity is usually verified using Compact Message Authentication Code (MAC). Compact Message Authentication Code (MAC).
EXISTING SYSTEMEXISTING SYSTEM
implementations of HMAC require resources that cannot be supported in constrained components.
Possible implementations of hash in constrained environments, based on block ciphers suffers in cost consumption and power consumption.
USECASE DIAGRAM FOR EXISTING SYSTEM
PROBLEMS ON EXISTING SYSTEM
Needed more resources.
Consume more memory.
Slow process.
PROPOSED SYSTEMPROPOSED SYSTEM
An approach to implement a compact HMAC by the use of stream ciphering is presented in this paper.
A stream cipher exhibits the following features:
It produces a pseudorandom keystream output which is very strongly dependent on a parameterizing secret key S.
The underlying security of the cipher is measured in terms of the difficulty in retrieving S, given an output keystream of any feasible length.
USECASE DIAGRAMUSECASE DIAGRAM
SYSTEM ARCHITECTURESYSTEM ARCHITECTURE
Broader Set of AttacksBroader Set of Attacks
sequence modificationsequence modification content modificationcontent modification timing modificationtiming modification source repudiationsource repudiation destination repudiationdestination repudiation
MODULES MODULES
Symetric Encryption and DecryptionSymetric Encryption and Decryption Key GenerationKey Generation Hmac With stream CipherHmac With stream Cipher Hmac VerificationHmac Verification
Message AuthenticationMessage Authentication
message authentication is concerned with: message authentication is concerned with: – protecting the integrity of a message protecting the integrity of a message – validating identity of originator validating identity of originator – non-repudiation of origin (dispute resolution)non-repudiation of origin (dispute resolution)
three alternative functions used:three alternative functions used:– message encryptionmessage encryption– message authentication code (MAC)message authentication code (MAC)– hash functionhash function
Message EncryptionMessage Encryption
message encryption by itself also provides message encryption by itself also provides a measure of authentication.a measure of authentication.
if symmetric encryption is used then:if symmetric encryption is used then:– receiver know sender must have created itreceiver know sender must have created it– since only sender and receiver now key usedsince only sender and receiver now key used– know content cannot of been alteredknow content cannot of been altered– Provides both: sender authentication and Provides both: sender authentication and
message authenticity.message authenticity.
Message Authentication Code Message Authentication Code (MAC)(MAC)
Uses a shared secret key to generate a Uses a shared secret key to generate a fixed-size block of data that is appended fixed-size block of data that is appended to the messageto the message
MAC = CMAC = CKK(M)(M)
Assurances:Assurances:– Message has not been alteredMessage has not been altered– Message is from alleged senderMessage is from alleged sender– Message sequence is unalteredMessage sequence is unaltered
Message Authentication CodeMessage Authentication Code
HMACHMAC
HMAC is a MAC derived from a HMAC is a MAC derived from a cryptographically safe hash-function.cryptographically safe hash-function.
HMAC is the ”mandatory-to-implement” HMAC is the ”mandatory-to-implement” MAC for IP Security.MAC for IP Security.
HMAC is used widely, e.g. in SSLHMAC is used widely, e.g. in SSL
One-way block transformation based on stream cipher.
A stream cipher is a symmetric encryptor
The key generates a pseudorandom keystream.
At the transmitting end, this keystream is XORed with the cleartext stream, yielding a ciphertext stream.
The receiver generates synchronously the same keystream. XORing with the received ciphertext yields the cleartext back.
Stream ciphers operate at a higher speed than block ciphers and haverelatively low hardware complexity
One-way block transformation based on stream cipher.
SYSTEM SPECIFICATION
Hardware Requirement:Hardware Requirement:
SystemSystem : Pentium IV: Pentium IVHard DiskHard Disk : 40 GB: 40 GBRAMRAM : 128 MB: 128 MB
Software Requirement:Software Requirement:
Operating SystemOperating System : Windows XP: Windows XPDatabaseDatabase :SQL:SQLLanguageLanguage :DOTNET:DOTNET
CONCLUSION
A complete highly compact MAC implementation, based on stream ciphering, was presented.
The principle was to implement a hash transformation based on the stream cipher, where the strength of the hash is associated with the underlying security of the cipher.
The hash is then utilized to implement HMAC, based on standard procedures. A specific implementation, based on DECIM (v2), a highly scrutinized stream cipher, was presented and analyzed in detail.
REFERENCE
National Institute of Standards and Technology, “The Keyed-Hash Message Authentication Code(HMAC),” FIPS PUB 198,
Information Technology Laboratory, 2002. H. Krawczyk, “LFSR-Based Hashing and Authentication,”
Proc.
Ann. Int’l Cryptology Conf. (CRYPTO 94), pp. 129-139, 1994.