Professional Documents
Culture Documents
Chapter - 4 Information Security
Chapter - 4 Information Security
Chapter -4
Mr.Rajasekhar Boddu
Introduction
• Until now, we discussed the use of symmetric and public key schemes
to achieve the confidentiality of information
• The focus of this chapter is on data integrity and cryptographic tools
used to achieve the same.
• When sensitive information is exchanged, the receiver must have the
assurance that the message has come intact from the intended sender
and is not modified inadvertently or otherwise.
• There are two different types of data integrity threats,
namely passive and active.
Passive Threats
• The MD family comprises of hash functions MD2, MD4, MD5 and MD6
• In 2004, collisions were found in MD5 and analytical attack was reported.
• The attacker, instead of modifying file data, can change the entire file
and compute all together new hash and send to the receiver.
• This integrity check application is useful only if the user is sure about
the originality of file.
Message Authentication
• User is not sure about the originator of the message.
•Verifier also runs same hash function on received data to generate hash value.
• For verification, this hash value and output of verification algorithm are compared.
• Based on the comparison result, verifier decides whether the digital signature is valid.
Importance of Digital Signature
• Message Authentication
• Data Integrity
• Non-repudiation
The End