
CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [177]

7.6, the MAC is derived from the message, and the originator provides an additional piece of information. This process ensures the integrity of the message. The MAC would be encrypted with the message, adding another layer of integrity checking. From the MAC, you would know that the message came from the originator and that the contents haven’t been altered. Figure 7.7 illustrates the MAC value being calculated from the message and included with the message. The receiver also calculates the MAC value and compares it to the value sent in the message. If the values are equal, the message can be assumed to be intact and genuine.

The MAC value is a keyed value, usually derived using a hashing algorithm. The key is normally symmetric, in that the process is accomplished using the same function and the same key on both ends of the transmission.
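The calculate-append-recompute-compare flow described above, written out as an added example (not code from the study guide). It uses HMAC-SHA256 from the Python standard library; the shared key and the sample message are constructed for illustration, and the receiver rejects both a tampered message and a packet checked with the wrong key.

```python
import hmac
import hashlib
from typing import Tuple

# Constructed example key shared by both ends of the transmission.
# In practice the key comes from a provisioning or key-exchange step, never a constant.
SHARED_KEY = b"example-shared-key-do-not-use"
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes for SHA-256


def compute_mac(key: bytes, message: bytes) -> bytes:
    """Derive the MAC from the message using the shared key (HMAC-SHA256)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def send(key: bytes, message: bytes) -> bytes:
    """Sender side: calculate the MAC and include it with the message."""
    return message + compute_mac(key, message)


def receive(key: bytes, packet: bytes) -> Tuple[bool, bytes]:
    """Receiver side: split off the MAC, recalculate it, and compare the two values.

    Returns (True, message) only when the recomputed MAC equals the one sent.
    """
    if len(packet) < TAG_LEN:
        return False, b""
    message, received_tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected_tag = compute_mac(key, message)
    # compare_digest runs in constant time, so an attacker learns nothing
    # from how quickly a bad tag is rejected.
    if hmac.compare_digest(expected_tag, received_tag):
        return True, message
    return False, b""


def demo() -> dict:
    """Run the genuine, tampered and wrong-key cases and report the outcomes."""
    message = b"Transfer 100 units to account 42"  # constructed sample message
    packet = send(SHARED_KEY, message)
    genuine_ok, recovered = receive(SHARED_KEY, packet)
    # Alter the message body but keep the original MAC attached.
    tampered = message.replace(b"100", b"900") + packet[-TAG_LEN:]
    tampered_ok, _ = receive(SHARED_KEY, tampered)
    # A party that does not hold the shared key cannot verify the message.
    wrong_key_ok, _ = receive(b"some-other-key", packet)
    return {"genuine": genuine_ok, "tampered": tampered_ok,
            "wrong_key": wrong_key_ok, "message": recovered}
```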

Integrity is also provided using digital signatures that verify that the originator is who they say they are. The next section discusses digital signatures.

FIGURE 7.7 The MAC value is calculated by the sender and receiver using the same algorithm.

Digital Signatures

A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message. Figure 7.8 illustrates this concept.

FIGURE 7.8 Digital signature processing steps

Let’s say that the sender in Figure 7.8 wants to send a message to the receiver. It’s important that this message not be altered. The sender uses the receiver’s public key to create a hash value that is stored in the message digest. The sender then sends the message to the receiver. The receiver can then use their private key to compute the value and compare it with the message digest. If the value produced with the private key is the same as the message digest sent with the message, the receiver knows the message is authentic.

The digital signature is derived from a hash process known only by the originator. The receiver uses a key provided by the sender, or a key that will produce the same result. The receiver compares the signature area of the message, referred to as a message digest, with the calculated value. If the values match, the message hasn’t been tampered with and the originator is verified as the person they claim to be. This process provides both message integrity and authentication.

Authentication

Authentication is the process of verifying that the sender is who they say they are. This is critical in many applications. A valid message from an invalid source isn’t authentic.

One of the common methods of verifying authenticity is the addition of a digital signature. Authenticity can also be established using secret words that have been mutually agreed on in advance. The military has used a series of one-time pads that each radio or communications operator could use to verify the authenticity of the sender. Figure 7.9 illustrates this method. The operator receiving the message challenged the sender using the prescribed pattern. The sender could also challenge the receiver using the same method. In this way, both parties knew they were talking to the right person. These pads were changed either daily or weekly depending on the circumstances. Although it wasn’t foolproof, the system was effective and easy to use.

FIGURE 7.9 A one-time pad used for authentication

A simple process of providing authentication to an organization is the use of code words or key words. For example, you could have a set of code words that instantly identify the person on the other end of a phone conversation.

Fraternal organizations have used secret handshakes, special symbols, and other methods to authenticate an unknown member. If you were part of a fraternal organization, once you had been initiated, you would be taught the secret handshake, which would instantly identify you to other members of the organization. In this way, you would know who was a member and who was an impostor. Some
