Message authentication

In information security, message authentication or data origin authentication is a property that a message has not been modified while in transit (data integrity) and that the receiving party can verify the source of the message.[1] Message authentication does not necessarily include the property of non-repudiation.[2][3]

Message authentication is typically achieved by using message authentication codes (MACs), authenticated encryption (AE) or digital signatures.[2]

Some cryptographers distinguish between "message authentication without secrecy" systems -- which allow the intended receiver to verify the source of the message, but don't bother hiding the plaintext contents of the message -- from authenticated encryption systems.[4] A few cryptographers have researched subliminal channel systems that send messages that appear to use a "message authentication without secrecy" system, but in fact also transmit a secret message.

See also

References

  1. Mihir Bellare. "Chapter 7: Message Authentication" (PDF). CSE 207: Modern Cryptography. Lecture notes for cryptography course.
  2. 1 2 Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone. "Chapter 9 - Hash Functions and Data Integrity" (PDF). Handbook of Applied Cryptography. p. 361.
  3. "Data Origin Authentication". Web Service Security. Microsoft Developer Network.
  4. G. Longo, M. Marchi, A. Sgarro "Geometries, Codes and Cryptography". p. 188.
This article is issued from Wikipedia - version of the 7/8/2015. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.