Question

This is all the questions, There are no MAC code include, so just need a general answer but need to be close to the questions. Thank you and the unit this question come from name "Computer Networks"
Question 12 (10 points) Consider Message Authentication Codes:
a) Identify whether an symmetric / asymmetric cryptosystem is used and explain how it is applied to generate and validate the MAC.
b) Describe any additional information is needed by the receiver to validate the MAC.
c) Explain whether the receiver can trust a successfully validated MAC and any assumptions about the additional information you identified in (b) for a validated MAC to be trusted.

Answer 1

a)

In a simple model of the cryptosystem, the sender sends a plaintext that gets encrypted to a ciphertext because of the encryption key and encryption algorithm. Whereas on the receiver side, the ciphertext is decrypted to plaintext by using the decryption key and the decryption algorithm. Both the encryption key and the decryption key are known to a sender and receiver. Symmetric key encryption uses the same key for both encryption and decryption of plaintext whereas asymmetric key encryption uses different keys for both encryption and decryption of plaintext.

1. In a symmetric cryptosystem, the relation between the keys is the same and both the encryption as well as decryption keys are symmetric in nature.
2. In a public-key cryptosystem, the relation between the keys is different but mathematically they are related and their encryption key is public whereas the decryption key is private in nature.

In MAC (Message Authentication Code), both sender and receiver use same key (or must agree on the same key) before the communication begins, this provide authentication to the message. Then by using private key, a digital signature is generated to protect the plaintext, as in public-key cryptography. So both symmetric cryptosystem and asymmetric cryptosystem are used in Message Authentication Codes that ensure integrity and authenticity for a plaintext.

b) In Message Authentication Code the sender uses MAC algorithm and secret key to send a message and produces a MAC value. Sender forwards the message along with MAC and assumes that message is sent clearly. To provide confidentiality to the message both the sender and receiver can use encryption and decryption methodology. On the receiver side, the receiver shares secret keys into the MAC algorithm and re-computes the MAC value. The receiver checks whether MAC values are equal to each other. When they match, receiver accepts the message and assures that this message is sent by intended sender. If computed MAC does not match with the MAC sent by sender then the receiver assumes that message is not original rather it is altered.

c) Receiver cannot trust successfully on validated MAC due to its symmetric nature of operation but can be trusted if digital signatures are applied to it.