Key-Hashed Message Authentication Codes or HMACS
What is Key-Hashed Message Authentication Codes or HMACS?
Expert
Digital signatures provide message-by-message authentication, as well as message integrity. Unfortunately the use of digital signatures requires that parties have a public/private key pair and that a secure mechanism for distributing public keys exists. There is also overhead for computing the digital signature, since slow public key encryption is used. Because of these shortcomings another approach to message-by-message authentication is often used - key-hashed message authentication codes. This approach requires that both parties share some secret information, usually a symmetric key. Most cryptographic systems, systems that provide authentication and confidentiality, provide this. The process involves appending the secret shared information to the message and then computing the hash, which is called the HMAC. The HMAC is sent with the message. The receiver recalculates the HMAC from the plaintext part of the message using its own copy of the shared secret information. If the calculated HMAC is equal to the received HMAC, the message is authenticated.
The advantage of using HMACs is reduced computation and not needing to maintain a public key infrastructure. However, HMACs do not provide for non-repudiation as both sides know the secret shared information and the receiver could construct a HMAC for a message that the sender did not send. Digital signatures must be used if non-repudiation is required.
A person would want to access a file on other computer (joined via LAN) though working with safe mode. What must he do?
Explain the Non-GUI clients, GUI Clients and OOUI Clients?
Public Key Encryption: Public key encryption employ public and private key for encryption and decryption. In this method, public key is employed to encrypt messages and merely the corresponding private key can be employed to decrypt them. To encrypt a
Illustrate the net output power of a complete BTS in dbm and watts?
Describe briefly Exchange Server 2007?
Is it correct to state that DES is a Group? Illustrate your answer with proper reason.
Define the term Error detection and correction in brief?
What is meant by the flow control?
FTP Spoofing attack: In the background of network security, a spoofing attack is a circumstance in which one person or program effectively masquerades as another by falsifying data and thus gaining an illegitimate benefit.
Explain how higher-level data is taken by IP to the destination host?
18,76,764
1939075 Asked
3,689
Active Tutors
1412562
Questions Answered
Start Excelling in your courses, Ask an Expert and get answers for your homework and assignments!!