Review Confidentiality enough? 復大软件学院
6 Review • Confidentiality • enough?
ef Security Requirements disclosure traffic analysis masquerade content modification sequence modification timing modification source repudiation destination repudiation 復大软件学院
7 Security Requirements • disclosure • traffic analysis • masquerade • content modification • sequence modification • timing modification • source repudiation • destination repudiation
Message Authentication message authentication is concerned with protecting the integrity of a message validating identity of originator non-repudiation of origin(dispute resolution will consider the security requirements then three alternative functions used message encryption message authentication code( MAC) hash function 復大软件学院
8 Message Authentication • message authentication is concerned with: – protecting the integrity of a message – validating identity of originator – non-repudiation of origin (dispute resolution) • will consider the security requirements • then three alternative functions used: – message encryption – message authentication code (MAC) – hash function
Note !! Message vs. Plaintext We will not consider Confidentiality sometimes Authentication 復大软件学院
9 Note !! • Message vs. Plaintext • We will not consider Confidentiality sometimes. • Authentication ?
Message Encryption message encryption by itself also provides a measure of authentication if symmetric encryption is used then receiver know sender must have created it since only sender and receiver now key used know content cannot of been altered if message has suitable structure, redundancy or a checksum to detect any changes 復大软件学院
10 Message Encryption • message encryption by itself also provides a measure of authentication • if symmetric encryption is used then: – receiver know sender must have created it – since only sender and receiver now key used – know content cannot of been altered – if message has suitable structure, redundancy or a checksum to detect any changes