Message Authentication Codes: Formalism

This lecture covers the concept of message authentication codes (MACs) and their formalism, focusing on the case study of mobile telephony. The instructor explains the process of processing with extra data, CCM, GCM mode, and GCM. Various aspects such as misuse attacks on GCM, authenticated modes to remember, and security notions related to integrity and authentication are discussed. The lecture delves into topics like commitment schemes, key derivation functions, pseudorandom generators, cryptographic hash functions, and the security of message authentication codes against key recovery and forgery. A case study on mobile telephony, specifically GSM architecture, slang, protocol, peer authentication, encryption, privacy protections, and improvements in 3G mobile telephony, is presented.

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related lectures (54)

Related concepts (165)

This course introduces the basics of cryptography. We review several types of cryptographic primitives, when it is safe to use them and how to select the appropriate security parameters. We detail how

Authentication

Authentication (from αὐθεντικός authentikos, "real, genuine", from αὐθέντης authentes, "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity. It might involve validating personal identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product or document is not counterfeit.

Multi-factor authentication

Multi-factor authentication (MFA; two-factor authentication, or 2FA, along with similar terms) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism. MFA protects personal data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password.

Message authentication

In information security, message authentication or data origin authentication is a property that a message has not been modified while in transit (data integrity) and that the receiving party can verify the source of the message. Message authentication does not necessarily include the property of non-repudiation. Message authentication is typically achieved by using message authentication codes (MACs), authenticated encryption (AE), or digital signatures.

Transport Layer Security

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide security, including privacy (confidentiality), integrity, and authenticity through the use of cryptography, such as the use of certificates, between two or more communicating computer applications.

Message authentication code

In cryptography, a message authentication code (MAC), sometimes known as an authentication tag, is a short piece of information used for authenticating a message. In other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed. The MAC value protects a message's data integrity, as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content.

Cryptographic Hash Functions and Block Chains COM-401: Cryptography and security

Covers cryptographic hash functions, message authentication codes, and block chains, including bitcoins, proof-of-work, and MAC variants.

Cryptography Basics: Symmetric and Asymmetric Encryption COM-402: Information security and privacy

Introduces the fundamentals of cryptography, focusing on symmetric and asymmetric encryption, data integrity, authentication, and non-repudiation.

Cryptographic Security Fundamentals COM-401: Cryptography and security

Covers cryptographic security fundamentals, including collision search algorithms, public-key cryptography, and risks of underestimating collision attacks.

Commitment Scheme and PRNG COM-401: Cryptography and security

Explores the commitment scheme, key derivation function, and pseudorandom generator in cryptographic protocols, emphasizing their role in ensuring data integrity and authentication.

Conditional Access II EE-552: Media security

Covers conditional access, encryption, decryption, authentication, and advanced encryption standards, exploring identity-based encryption, biometrics, and attribute-based encryption.