Table of contents
1. Introduction
2. Types of Attacks
2.1. Passive Attacks
2.2. Active Attacks
3. Hash Function
3.1. Message Authentication Codes
3.2. How Does a Message Authentication Code Work?
4. Frequently Asked Questions
4.1. What are the principles of information security?
4.2. Write an example of an active attack.
4.3. Write an example of a passive attack.
4.4. How is cryptography used in cryptocurrency?
4.5. How are active and passive attacks dangerous?
5. Conclusion
Last Updated: Mar 27, 2024

Optimality of Deception Probabilities in Cryptography

Introduction 

One of the primary goals of information security is to provide assurance about the origin of a received message. But who is responsible for disrupting the originality of the received messages? Hackers and attackers.

Types of Attacks

There are two types of attacks: Passive and Active attacks. The difference between them is very important to know for today’s discussion.

Passive Attacks

The passive attack is the first kind of attack. In a passive attack, the adversary monitors, observes, or makes use of the system's data for some purpose. However, the attack does not affect the system's resources, and the data remains unaffected. Because passive attacks are carried out in stealth, it is difficult for the victim to notice them. The goal of a passive attack is to obtain data or to search the network for open ports and vulnerabilities.

Active Attacks

An active attack might be a network exploit in which the attackers modify or alter the content and cause a system resource to be impacted. The victims suffer harm as a result. The attackers might use passive attacks to gather information before launching a more aggressive strike. The attackers try to break into the system and cause it to lock. The victims can be alerted to the ongoing attack. The integrity and availability of their data may be jeopardized by such an attack. An active attack is more challenging to execute than a passive attack.

From the above, passive attacks are less harmful than active attacks, since in an active attack the message is altered. The methods we discussed in the previous articles are only suitable for confidentiality or secrecy, achieved by encrypting messages using a suitable crypto mechanism.

This is sufficient to protect against a passive adversary who only observes messages sent between Ninja A and Ninja B. However, there are numerous other threats that we must address. One natural scenario is when there is an active adversary who has the ability to alter the content of messages. 

Let us understand with an example: 

An adversary can change the ciphertext sent from Ninja A to Ninja B. A simple toggle operation would allow the adversary to convert 1s to 0s and vice versa.

In the bit-flipping attack described here, flipping bits of the ciphertext complements the same bits of the plaintext in exactly the same way. The adversary can alter the plaintext in a predictable manner even though he is unaware of what it is.
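The following is an added example, not part of the original article, showing why encryption alone does not protect integrity. It assumes the ciphertext is the plaintext XORed with a keystream; the toy keystream, the key, the message and all function names are constructed for illustration.

```python
import hashlib


def keystream(key: bytes, n: int) -> bytes:
    """Toy keystream (SHA-256 over key || counter); illustration only."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Ciphertext = plaintext XOR keystream."""
    return xor_bytes(plaintext, keystream(key, len(plaintext)))


decrypt = encrypt  # XOR with the same keystream undoes the encryption


def flip(ciphertext: bytes, mask: bytes) -> bytes:
    """The modification in transit: XOR a mask into the ciphertext (no key used)."""
    return xor_bytes(ciphertext, mask)


def demo():
    key = b"constructed-shared-key"      # constructed sample key
    plaintext = b"PAY NINJA B 100"       # constructed sample message
    ct = encrypt(key, plaintext)
    mask = bytearray(len(ct))            # all zero: leave every other bit alone
    mask[12] = ord("1") ^ ord("9")       # bits that differ between '1' and '9'
    tampered = flip(ct, bytes(mask))
    # Ninja B decrypts both; nothing in the decryption signals the change.
    return decrypt(key, ct), decrypt(key, tampered)


if __name__ == "__main__":
    print(demo())
```

The receiver's decryption succeeds on the modified ciphertext and yields plaintext XOR mask, which is why a separate integrity check is needed.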

We may not be able to prevent the adversary from modifying messages, but appropriate cryptographic tools will allow us to detect when a modification has occurred.

So, we aim to identify changes to transmitted messages, whether encrypted or not. This objective, often referred to as data origin authentication, is a more robust version of another cryptographic objective, data integrity.

Data origin authentication

Data origin authentication ensures the sender's identity as well as data integrity. Another point of view is that data origin authentication implicitly provides data integrity because if the message is changed, the message's source has changed. Non-repudiation is another security goal related to data origin authentication because it prevents the original sender of a specific message from denying his/her action to a third party.

Now, how to achieve this is a question. 

So, data integrity can be guaranteed by a cryptographic hash function.

Let us understand it: 

Hash Function 

A hash function creates a short "fingerprint" of some data; if the data is changed, the fingerprint will no longer be valid. Assume the fingerprint is kept in a safe place. Then, even if the data is stored in an insecure location, its integrity can be checked regularly by recalculating the fingerprint and verifying that it has not changed. 

This fingerprint is often referred to as a message digest.

A message digest is typically a binary string of 160 or 256 bits. Now, how hash functions help in securing data integrity is a question. 

In modern cryptography, data origin authentication is provided by message authentication codes (MACs).

Message Authentication Codes 

The Message Authentication Code (MAC), also known as a tag, is used to verify the origin and nature of a message. MACs utilize authentication cryptography to validate data sent over a network or transferred from one person to another.

In other words, MAC ensures that the message is from the correct sender, has not been altered, and that the data transferred over a network or stored in or outside a system is legitimate and does not contain malicious code.

  • A MAC requires the two legitimate users (sender and receiver) to share a common secret key.
  • MACs are typically constructed using hash functions.
  • A MAC takes the message and the key as input and generates an authentication tag, which is sent from the sender to the receiver along with the message.
  • MACs that rely on collision-resistant hash functions provide computational security, while MACs that use universal hash functions provide information-theoretic (unconditional) security.

How Does a Message Authentication Code Work?

Step 1: Establishing a secure channel between the receiver and the sender is the first step in the MAC process. The MAC system encrypts a message using an algorithm that utilizes a symmetric key and the plain text message being sent. 

By processing the message, the MAC algorithm generates authentication tags of a fixed length. The MAC of the message is the result of this computation.

Step 2: This MAC is then appended to the message and sent to the receiver. The same algorithm is used by the receiver to compute the MAC. If the resulting MAC obtained by the receiver matches the one sent by the sender, the message is verified as authentic, legitimate, and unaltered.
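The two steps above, as an added example that is not part of the original article. It assumes HMAC-SHA256 as the hash-based MAC and a key already shared over the secure channel; the key, the message and the function names are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # fixed-length tag: 32 bytes


def mac(key: bytes, message: bytes) -> bytes:
    """Step 1: compute the tag from the shared key and the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def send(key: bytes, message: bytes) -> bytes:
    """Step 2 (sender): append the tag to the message."""
    return message + mac(key, message)


def receive(key: bytes, packet: bytes):
    """Step 2 (receiver): recompute the tag and compare.

    Returns the message if the tags match, otherwise None.
    """
    if len(packet) < TAG_LEN:
        return None  # too short to contain a tag at all
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    # compare_digest runs in constant time, so the comparison does not
    # leak how many leading bytes of a forged tag were correct.
    if not hmac.compare_digest(tag, mac(key, message)):
        return None
    return message


def demo():
    key = b"constructed-shared-key"            # constructed sample key
    packet = send(key, b"PAY NINJA B 100")     # constructed sample message
    tampered = bytearray(packet)
    tampered[12] ^= ord("1") ^ ord("9")        # same change as a bit flip in transit
    return (
        receive(key, packet),                  # accepted
        receive(key, bytes(tampered)),         # rejected: message altered
        receive(b"some-other-key", packet),    # rejected: not the shared key
    )


if __name__ == "__main__":
    print(demo())
```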
 

Frequently Asked Questions 

What are the principles of information security? 

The CIA triad refers to an information security model comprised of three main components: confidentiality, integrity, and availability. Each component represents a fundamental objective of information security. We must follow these principles to avoid active and passive attacks in a system.

Write an example of an active attack.

Session hijacking is an example of an active attack. 

Write an example of a passive attack.

Traffic analysis is an example of a passive attack.

How is cryptography used in cryptocurrency?

With the help of cryptography, cryptocurrency transactions are anonymous, secure, and "trustless," meaning there is no need for a bank, credit card company, government, or another intermediary to be present. Instead, you can conduct business with anyone without knowing anything about them. 

How are active and passive attacks dangerous?

An active attack is hazardous for both integrity and availability. A passive attack is dangerous for confidentiality.

Conclusion 

To conclude, we have extensively discussed the Optimality of Deception Probabilities in Cryptography through MACs, which are generated using hash functions. We focused on providing data origin authentication for our messages using appropriate tools and crypto mechanisms.

If you like this article and want to learn more about Cryptography, please refer to these articles and enhance your knowledge.

You can also refer to our Guided Path on Coding Ninjas Studio to upskill yourself in Data Structures and Algorithms, Competitive Programming, System Design, and many more!

Head to our practice platform, Coding Ninjas Studio, to practice top problems, attempt mock tests, read interview experiences and interview bundles, follow guided paths for placement preparations, and much more.

Happy learning, ninja!
