Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Separating Message Authentication Code Generation From Checking

IP.com Disclosure Number: IPCOM000038811D
Original Publication Date: 1987-Mar-01
Included in the Prior Art Database: 2005-Feb-01
Document File: 3 page(s) / 37K

Publishing Venue

IBM

Related People

Lennon, RE: AUTHOR [+2]

Abstract

This article describes a message authentication method wherein generation of a message authentication code (MAC) by the message transmitter and the use of it by the receiver to check the message are separate and distinct functions such that the receiver is denied the capability to regenerate the MAC. In other words, the method is such that MAC checking does not imply a capability for MAC generation, which, if available, might be misused to produce a fraudulent MAC on an altered or substituted message. The described method utilizes cryptographic techniques which have been previously described [*]. Fig. 1 illustrates two hosts 10 and 20 at respective domains in a network, and represents an environment in which the described method of MAC generation and checking would apply.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 52% of the total text.

Page 1 of 3

Separating Message Authentication Code Generation From Checking

This article describes a message authentication method wherein generation of a message authentication code (MAC) by the message transmitter and the use of it by the receiver to check the message are separate and distinct functions such that the receiver is denied the capability to regenerate the MAC. In other words, the method is such that MAC checking does not imply a capability for MAC generation, which, if available, might be misused to produce a fraudulent MAC on an altered or substituted message. The described method utilizes cryptographic techniques which have been previously described [*]. Fig. 1 illustrates two hosts 10 and 20 at respective domains in a network, and represents an environment in which the described method of MAC generation and checking would apply. MAC generation and checking are implemented by the functions MACXMIT and MACHECK. Host 10 has an application program 18 which can invoke the functions MACXMIT 14 and MACHECK 16 implemented within and executed by a cryptographic facility 12 within which a master key, KM0, has previously been installed. Typically, several cryptographic functions can be invoked via the interface to the cryptographic facility, such as encipher and decipher data, as well as other special key management functions. However, a specification of these other functions is unimportant to the present discussion. A similar capability is provided at host 20, except that the master keys are different at each different host. Each host 10, 20 also has a key table of encrypted keys used for key management purposes (not shown). In Fig. 1, either host can generate a MAC or check a MAC generated by the other. However, the method is such that the originator of a message (msg) also generates the key Kmac used for generating the MAC on msg. To allow msg and MAC to be verified, Kmac must be transmitted from the originating host to the receiving host. To ensure key secrecy, Kmac is encrypted under a unique cross-domain key (KCD) shared between the sending and receiving hosts. A typical data exchange is shown in Fig. 1 wherein (a) the msg and MAC key (Kmac) are used together with the MACXMIT fun...