# Message Encryption

Message Encryption is the important topic of the Subject Information and Network Security.

Following techniques used for authentication:

**Hash function:**Hash function maps a message of any length into a fixed-length hash value, which serves as the authenticator.**Message encryption:**The ciphertext of the entire message serves as its authenticator.**Message authentication code (MAC):**A MAC is a function of the message and a secret key that produces a fixed-length value that serves as the authenticator.

Authentication using message encryption is explained below:

## Message Encryption

**Symmetric Encryption:** A message **M **transmitted from source A to destination B is encrypted using a secret key K shared by A and B.

- No other party knows the key, and hence
**confidentiality**is provided as no other party can recover the plaintext of the message without the knowledge of the key. - The message must have come from A because A is the only other party that possesses
*K*and therefore the only other party which can construct ciphertext that can decrypt with*K*. Thus, authentication is provided. - Furthermore, if
*M*is recovered, B knows that none of the bits of*M*have been altered. Because an opponent that does not know*K*would not know how to alter bits in the ciphertext to produce desired changes in the plaintext. Thus,**data integrity**is also provided. - If the message contains regular language, then the legitimacy of the message can determine.
- But if the message contains arbitrary data like binary object file, digitized X-ray. Then alteration in the message cannot determine by simply looking at the messages.
- In that case, plaintext must have some structure like some message based function (one example is checksum) or add TCP header if TCP/IP is being used.

**Public-Key Encryption: Message Encryption**

The source (A) uses the public key **PU _{b }**of the destination (B) to encrypt

*M*. Because only B has the corresponding private key

**PR**, only B can decrypt the message. But this scheme provides

_{b}**confidentiality**but not authentication. Because any opponent could also use B’s public key to encrypt a message, claiming to be A.

To provide authentication, A uses its private key to encrypt the message. And B uses A’s public key to decrypt it. The message must have come from A because A is the only party that possesses **PR _{a}**

*.*Anyone with

**PU**can decrypt the message. This scheme also provides digital signature because only A could have constructed the ciphertext by encrypting it with

_{a }**PR**.

_{a}If both authentication and confidentiality needed. Then the message encrypted using both** PU _{a}** and

**PRa.by**using its private key to encrypt. Note that this scheme does not provide confidentiality.

This scheme also requires some structure in plaintext if it contains arbitrary data.

**Related Terms**

Information and Network Security, Message Authentication, Hash Functions: Cipher Block Chaining, Secure Hash Algorithm (SHA)

## Leave a Reply