Describe the message authentication process using:
1 Answer
Message authentication ensures that a message originated from its claimed sender and has not been altered. This is achieved using different cryptographic methods:
(a) Symmetric Encryption
When using symmetric encryption for message authentication, a shared secret key is used to create a Message Authentication Code (MAC). This provides both integrity and authenticity. The process is:
- The sender calculates a MAC for the message using a symmetric encryption algorithm and a secret key shared with the receiver.
- The sender appends this MAC to the message and sends both to the receiver.
- The receiver receives the message and the appended MAC. They then independently calculate a MAC for the received message using the same shared secret key and algorithm.
- The receiver compares their calculated MAC with the received MAC. If they match, the message is authentic and its integrity is verified, meaning it came from the legitimate sender and has not been tampered with.
For example, Alice and Bob share a secret key, K. Alice computes MAC = C(K, M) for message M and sends (M || MAC). Bob computes MAC' = C(K, M') for received message M'. If MAC' equals MAC, Bob trusts the message is from Alice and is unaltered.
(b) Public Key Encryption
Public key encryption provides message authentication through digital signatures. This method uses the sender's private key and the receiver's knowledge of the sender's public key.
- The sender creates a digital signature for the message (or a hash of the message) using their own private key.
- The sender sends the message along with this digital signature.
- The receiver uses the sender's public key to verify the digital signature.
- If the verification is successful, it confirms that the message was signed by the holder of the corresponding private key (which should be the legitimate sender) and that the message has not been altered since it was signed.
For instance, Alice signs a message M using her private key (PK_Alice_private). She sends (M || Signature_Alice). Bob receives it, retrieves Alice's public key (PK_Alice_public), and uses it to verify the signature. Successful verification assures Bob that Alice sent the message.
(c) Hash Function
A hash function alone provides message integrity, producing a fixed-size message digest unique to the input. For message authentication, the hash value needs protection from alteration and spoofing. This is achieved by combining it with a secret key or a digital signature:
Hash-based Message Authentication Code (HMAC):
- The sender computes a hash of the message and then uses a shared secret key to generate an HMAC over this hash (or the message itself).
- The HMAC is sent along with the message.
- The receiver independently computes the HMAC using the same secret key and compares it to the received HMAC. A match indicates authenticity and integrity.
Digital Signature with Hash Function:
- The sender first computes a cryptographic hash (message digest) of the message.
- Then, the sender encrypts (signs) this message digest using their private key. This encrypted hash is the digital signature.
- The sender sends the original message along with the digital signature.
- The receiver computes a hash of the received message and then uses the sender's public key to decrypt (verify) the received digital signature.
- If the two hash values match, it confirms both the message's integrity and authenticity.
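The difference between a bare hash and the HMAC flow in part (c), as an added example that is not part of the original answer: anyone who alters the message can recompute an unkeyed digest, but cannot produce a valid HMAC without the shared key K. SHA-256, the function names and the sample messages are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes for SHA-256

def send_plain_hash(message: bytes) -> bytes:
    """Unkeyed: M || SHA-256(M). Catches accidental corruption only."""
    return message + hashlib.sha256(message).digest()

def verify_plain_hash(packet: bytes) -> bool:
    message, digest = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)

def send_hmac(key: bytes, message: bytes) -> bytes:
    """Keyed: M || HMAC-SHA256(K, M), as in the sender steps above."""
    return message + hmac.new(key, message, hashlib.sha256).digest()

def verify_hmac(key: bytes, packet: bytes) -> bool:
    """Receiver recomputes the tag with K and compares in constant time."""
    if len(packet) < TAG_LEN:
        return False
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)

def rewrite_without_key(new_message: bytes) -> bytes:
    """Models a party without K: it can only attach an unkeyed digest."""
    return new_message + hashlib.sha256(new_message).digest()

def demo() -> dict:
    key = secrets.token_bytes(32)        # shared secret K (constructed)
    original = b"transfer 10 to Bob"     # constructed sample message
    altered = rewrite_without_key(b"transfer 9000 to Mallory")
    return {
        "plain_hash_original": verify_plain_hash(send_plain_hash(original)),
        "plain_hash_altered": verify_plain_hash(altered),   # accepted
        "hmac_original": verify_hmac(key, send_hmac(key, original)),
        "hmac_altered": verify_hmac(key, altered),          # rejected
        "hmac_wrong_key": verify_hmac(secrets.token_bytes(32),
                                      send_hmac(key, original)),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The receiver uses `hmac.compare_digest` rather than `==` so that the comparison time does not reveal how many leading tag bytes matched.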