Tip

Data integrity and PKI



Excerpted from InformIT.

The PKI service of integrity may employ one of two techniques. First, a digital signature, while it serves the purpose of providing authenticity

    Requires Free Membership to View

    Login

(that is, entity authentication), simultaneously provides integrity over the signed data. This is a consequence of a necessary property of cryptographic hash algorithms and signature algorithms; any change in the input data leads to a large, unpredictable change in the output with very high probability. In other words, if the data has changed (either by accident, or by deliberate manipulation) between "there" and "here" or between "then" and "now," the signature will fail to verify, and the loss of integrity will be obvious to the recipient. If, on the other hand, the signature verifies, the recipient is very likely to be in possession of the original (that is, unaltered) data.

The second technique that can be employed for integrity is a Message Authentication Code, or MAC. This technique typically uses a symmetric block cipher (for example, DES-CBC-MAC [FIPS113]) or a cryptographic hash function (for example, HMAC-SHA-1 [RFC2104]). Although these are both symmetric solutions (as opposed to public-key solutions), it is important to note that they are both keyed mechanisms; in particular, they depend on a key that must be shared between the sender of the integrity-protected data and the "consumer" (for example, receiver) of the integrity-protected data. In some environments, the shared key can be derived from a PKI (see IPsec [RFC2401, RFC2411] for example).

The PKI service of integrity for this second technique, then, is that of putting in place the mechanisms to achieve this key sharing when necessary. If Alice wants to send to Bob some integrity-protected data and Bob has an encryption public key, Alice can employ the following sequence of steps:

  1. Generate a fresh symmetric key.
  2. Use the symmetric key to generate a MAC for the data.
  3. Encrypt the symmetric key for Bob using his encryption public key.
  4. Send the data to Bob along with the encrypted key.

Alternatively, if Bob has a key exchange public key (such as a Diffie-Hellman public key), Alice can instead use the following procedure:

  1. Use Bob's key-exchange public key in combination with her key-exchange private key to generate a symmetric key.
  2. MAC the data using that symmetric key.
  3. Send the data to Bob along with her public key certificate.

Bob can then regenerate the symmetric key using Alice's public key and his own private key to verify the integrity of the data.

If a digital signature is not used to provide data integrity, a good cryptographic MAC function is required.

Read the rest of this tip on InformIT. You have to register there, but it's free.

Did you like this tip? Like or hate it, why not let us know? E-mail to sound off, or visit our tips page to rate this and other tips, or submit one of your own.

Related Book

PKI: A Wiley Tech Brief
By Tom Austin
Summary:
This is a plain-language tutorial on the most important security technology for Internet applications.


This was first published in March 2001

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

    Back to top