Now we've talked about hashing, and we've said that the real problem with hashing is there's nothing that's part of a hash to indicate the authenticity of the messages in to indicate the origin of the message or even who put the hash on the message. If I was a malicious attacker and I modified the message, I just modified the hash, too.
So what we need is we need a higher degree of assurance
to get really true integrity and authenticity and, in turn, integrity and authenticity. Together, they're going to give me non repudiation, and that's where digital signature comes in. So with the digital signature, the messages hatched the hash. The hash gives us
The hash is then encrypted with the sender's private key, the sender's private key.
and that's called a digital signature. When the receiver gets the message, they decrypt the hash with cinders public key.
If the center's public, he will decrypt the hash. It must have been encrypted with the senator's private key, with only which only that legitimate sender has okay, so that the receiver then hash is the document compares. The two hash is, and as long as the hashes match. We know that message hasn't been modified,
and we get the assurance
of the origin of the message, so that gives us true non repudiation now. The only drawback with the digital signature, though, is the fact that a digital signature requires a public key infrastructure in order to work. So, for instance, if you take a look at this slide, we've got Alison Bob Alice on the laugh. Bob on the right
is getting ready to send a message. So she checks the check box in her email application to digitally signed her message. So what happens then is the messages automatically hash fire application and her private keys used to encrypt the hash. But how did Alice get a private key? How to get a public? He?
How did that public private key pair get associated with out Lis?
How did Bob get him? How does Bob have the assurance that the key Alice that Alice's public key really is Alice's public key? And how does he know that that hasn't been revoked? How do we make sure that we have software that's ableto understand? Public and private? Key exchange.
Okay, so digital signatures weren't very well, but they require a reasonable degree of overhead
now because of the security that that they bring in. It's worth it. In many instances, many organizations have public key infrastructures, however, for smaller organizations, it may be too much overhead. So the idea of digitally signing messages is great. But ain't nothing free and ain't nothing easy.
So what we've got is we've gotta hash on one end of the spectrum. And if you'll recall, the hash just was Ah
ah, quick, easy way to get integrity. We've got a digital signature on the other end of the spectrum, which does? It just gives us integrity. It gives us integrity and authenticity, and there's two combined. Give us non repudiation, but
there's a lot of overhead.
So what we actually need is we actually need something in the middle, and that's where a Mac comes in. All right, so what a Mac
stands for is message authentication code, and the purpose of the Mac is to give us integrity
and reasonable authenticity
without having to have all the overhead of a digital signature.
So applications that use Max will take the message,
us, uh, pre agreed upon shared secret a shared key, a symmetric key. And they'll have hash the message and the symmetric key.
And the value that's produced is called in H Mac, Where Hashed Mac.
Now that's great. Doesn't require an overhead. So why don't we just use that? Well, the problem is, ah, Hash Mac includes a symmetric key symmetric number. How did I get you the symmetric number? Remember the problems with symmetric algorithms?
Well, maybe it's a derivative of password. We both share, you know, infrequently, that's the case. But the bottom line is,
a Mac, you have all the problems you had with symmetric cryptography. How did I get that symmetric key distributed?
all we get we don't get true authenticity because both of us are sharing a key. So a Mac is kind of right in the middle. Ah, hash just gives integrity digital certificates and started digital signature gives me non repudiation, but a lot of overhead
A mac gives me a reasonable assurance of authenticity because a symmetric key is used without having to go through all the overhead of a P. K. I