Cryptographic primitives such as encryption and hashing algorithms are seldom useful by themselves. We combine them into schemes and protocols so that we can satisfy complex security requirements. To illustrate how we might do that, let’s consider a simplistic cryptographic protocol that allows Alice and Bob to communicate securely. We’ll aim for all three main requirements: confidentiality, integrity, and authentication.

Let’s assume that our protocol allows exchange of an arbitrary number of messages. Because symmetric encryption is very good at encrypting bulk data, we might select our favorite algorithm to use for this purpose, say, AES. With AES, Alice and Bob can exchange secure messages, and Mallory won’t be able to recover the contents. But that’s not quite enough, because Mallory can do other things, for example, modify the messages without being detected. To fix this problem, we can calculate a MAC of each message using a hashing key known only to Alice and Bob. When we send a message, we send along the MAC as well.
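The scheme described above, as an added example that is not part of the original text: each message is encrypted with AES and sent along with a MAC, and the receiver checks the MAC before decrypting. The text names only AES and a MAC; CTR mode with a random IV, HMAC-SHA256 computed over the IV and ciphertext, the constructed demo keys, and the names `Seal`, `Open` and `tag` are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Constructed demo keys; real keys come from a key exchange or a CSPRNG.
var demoAES, _ = aes.NewCipher([]byte("constructed-32-byte-demo-enc-key"))
var demoMACKey = []byte("constructed-32-byte-demo-mac-key")

// tag returns HMAC-SHA256 of data under the MAC key shared by Alice and Bob.
func tag(macKey, data []byte) []byte {
	m := hmac.New(sha256.New, macKey)
	m.Write(data)
	return m.Sum(nil)
}

// Seal returns iv || AES-CTR(msg) || HMAC(iv || ciphertext).
func Seal(blk cipher.Block, macKey, msg []byte) ([]byte, error) {
	out := make([]byte, aes.BlockSize+len(msg))
	if _, err := rand.Read(out[:aes.BlockSize]); err != nil {
		return nil, err
	}
	cipher.NewCTR(blk, out[:aes.BlockSize]).XORKeyStream(out[aes.BlockSize:], msg)
	return append(out, tag(macKey, out)...), nil
}

// Open checks the MAC in constant time and decrypts only if it matches.
func Open(blk cipher.Block, macKey, wire []byte) ([]byte, error) {
	n := len(wire) - sha256.Size
	if n < aes.BlockSize || !hmac.Equal(wire[n:], tag(macKey, wire[:n])) {
		return nil, fmt.Errorf("MAC check failed: message rejected")
	}
	msg := make([]byte, n-aes.BlockSize)
	cipher.NewCTR(blk, wire[:aes.BlockSize]).XORKeyStream(msg, wire[aes.BlockSize:n])
	return msg, nil
}

func main() {
	wire, _ := Seal(demoAES, demoMACKey, []byte("meet at noon"))
	wire[aes.BlockSize] ^= 1 // one ciphertext bit changed in transit
	_, err := Open(demoAES, demoMACKey, wire)
	fmt.Println(err)
}
```

Without the MAC check, the changed bit would decrypt to a silently altered message; with it, Bob discards the message instead.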
