Guarding Against Malicious Modification of our Data

Page #443 of Chapter: Crypto-for-the-rest-of-us

level indicator


The main methods: (i) hiding our data, (ii) cryptographic packaging of our data.

Cryptographic packaging will reshape the data so that it would be difficult to modify the packaged data such that when un-packaged, it will read as modified data that would pass as genuine.

The simplest packaging consists on straight encryption. The recipient, using the secret decryption key to generate the plaintext from the communicated ciphertext, will trust that only the presumed writer has the corresponding encryption key, and so he is the writer of the message. This method is as strong as the used encryption.

A more useful and more versatile cryptographic packaging is offered via hashing -- constructing a small (usually fixed size) string called 'hash' that may be viewed as 'lossy encryption', or 'irreversible encryption'. The hash is crypto function of the original message that needs protection, such that given the hash it is infeasible to regenerate the protected message, or any other message that generates the same hash.

The hash then is a one-way function that can be used by the recipient of the message, who re-evaluates the hash of the received message, and compares it to the communicated hash. If the two hash strings agree, then the communicated message is authenticated. This assumes that the hash itself was not tampered with, and that the assailant has not extracted a different message that shares the same hash.

* Version CE-H6703 (SERVER) Crypto Academy