Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security CISSP-Discussion
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [CISSP-D] Symmetric Key and authentication.

from [Clement Dupuis] Network Security [Permanent Link]
Subject: RE: [CISSP-D] Symmetric Key and authentication.
Date: Fri, 6 May 2005 22:21:37 -0500 
I think the following describe MAC very well:

Data associated with an authenticated message that allows a receiver to
verify the integrity of the message. (Glossary of INFOSEC and INFOSEC
Related Terms - Idaho State University).
www.hipaabasics.com/glossary.htm

A Message Authentication Code is a one-way hash computed from a message and
some secret data. It is difficult to forge without knowing the secret data.
Its purpose is to detect if the message has been altered.
www.zvon.org/tmRFC/RFC2246/Output/chapter12.html

in a payment system, a code used to validate the source of integrity of the
message.
www.gbc.hu/english/bszotare3.htm

In cryptography, a message authentication code (MAC) is a short piece of
information used to authenticate a message. A MAC algorithm (sometimes
termed a keyed hash function) accepts as input a secret key as well as the
message, and produces a MAC (sometimes known as a tag). The MAC protects
both a message's integrity—by ensuring that a different MAC will be produced
if the message has changed—as well as its authenticity—because only someone
who knows the secret key could have 
en.wikipedia.org/wiki/Message_authentication_code  

Best regards

Clement


-----Original Message-----
From: CISSP-Discuss@yahoogroups.com [mailto:CISSP-Discuss@yahoogroups.com]
On Behalf Of Manish Bajaj
Sent: Monday, May 09, 2005 11:45 AM
To: Roshan Mani
Cc: Vijay Kumar; CISSP-Discuss@yahoogroups.com
Subject: Re: [CISSP-D] Symmetric Key and authentication.

You can achieve non-repudiation only thru Asymmetric encryption. It is
so because only PKI provides you with a private key that only you are
supposed to have. It is not shared with any other entity and nobody
can claim to have send a message on your behalf... which is the crux
of non repudiation.

If authenticaton is the only issue, then you have can work with either.


 
Yahoo! Groups Links



 




-- 
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.5 - Release Date: 5/4/2005
 

-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.5 - Release Date: 5/4/2005
 





 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/CISSP-Discuss/

<*> To unsubscribe from this group, send an email to:
    CISSP-Discuss-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [CISSP-D] common criteria evalution criteria, Nishidhdha
Next by Date:  Re: [CISSP-D] System-high security mode vs Compartmented security mode, Fritz Ames
Previous by Thread:  Re: [CISSP-D] Symmetric Key and authentication., Manish Bajaj
Next by Thread:  [CISSP-D] NIST dropping DES, Rand
Indexes:  [Date] [Thread] [Top] [All Lists]