Message authentication (was Re: New York Times article)



Hi Chris,

Christopher Osborn  <cosborn@BBN.COM> writes:
> ...
> What's the solution?
>
> These types of attacks can happen in any non-authenticated non-encrypted
> network. It matter how well you trust your internal network and the people
> on it. A simple method to prevent the insertion of a trojan is to have a
> md5 signature (I am sure that someone will point out that the sig could
> also be trojaned). Full session encryption (see SSH-1.2) is also an
> answer.

You're partially right -- MD5 is not a signature function, so there's 
no such beast as "md5 signature", at least not a vanilla MD5 hash.  A 
vanilla MD5 hash can be trojan'd.

MD5 is a "message digest" or a cryptographic hash function; unless you 
also perform a key exchange using some other algorithm to obtain a 
shared secret MAC key with which you perform a keyed hash, you wouldn't 
obtain any additional security properties.  When you compute and 
transmit a non-keyed hash, the attacker could modify the data, compute 
a new hash value based on the modified data, and replace the hash value 
that you sent with this new one.

You can, alternatively, digitally sign the hashes sent with each 
message, but that's quite a bit more expensive.

-bsy
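
The difference between the unkeyed hash and the keyed hash discussed in this message, as an added example that is not part of the original post. It assumes a 32-byte key already shared between sender and receiver, uses HMAC-SHA256 as one concrete keyed hash (the message does not name a construction), and the payload strings are constructed.

```python
import hashlib
import hmac
import secrets


def plain_digest(data: bytes) -> bytes:
    """Unkeyed MD5 digest: anyone who sees the data can compute it."""
    return hashlib.md5(data).digest()


def keyed_tag(key: bytes, data: bytes) -> bytes:
    """Keyed hash over the data; HMAC-SHA256 is this example's choice."""
    return hmac.new(key, data, hashlib.sha256).digest()


def modify_in_transit(data: bytes):
    """Model of the on-path modification: the data is changed and the
    check value is replaced with one computable without the shared key."""
    modified = data.replace(b"release-1.0", b"release-9.9")
    return modified, plain_digest(modified)


def run_demo() -> dict:
    key = secrets.token_bytes(32)  # assumption: shared beforehand
    original = b"install release-1.0 from the build host"  # constructed

    # Case 1: sender attaches an unkeyed MD5 digest.
    data, check = modify_in_transit(original)
    unkeyed_ok = hmac.compare_digest(plain_digest(data), check)

    # Case 2: sender attaches a keyed tag. Without the key, the replaced
    # check value cannot match what the receiver recomputes.
    data, forged = modify_in_transit(original)
    keyed_ok = hmac.compare_digest(keyed_tag(key, data), forged)

    # The original tag does not cover the modified data either.
    stale_ok = hmac.compare_digest(
        keyed_tag(key, data), keyed_tag(key, original))

    # Unmodified traffic still verifies.
    clean_ok = hmac.compare_digest(
        keyed_tag(key, original), keyed_tag(key, original))

    return {
        "unkeyed_modified_accepted": unkeyed_ok,
        "keyed_modified_accepted": keyed_ok,
        "keyed_stale_tag_accepted": stale_ok,
        "keyed_original_accepted": clean_ok,
    }
```
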