|
Preserving the integrity of a message is indeed a major security
challenge. Whenever a message is sent by a sender to a receiver, we
must be 100% sure that the contents of the message are not tampered
with. Otherwise, there is no guarantee that the message that the
receiver actually gets and processes is indeed the same message that
the sender had sent, or intended to send.
As a very simple example of
understanding this problem, take a look at figure 1 below.
Here are the parties involved, with reference to the diagram.
A is an account holder of a bank
B is the bank
C is the attacker
D is another account holder of the bank
As we can see, the sender (A) wants to transfer $100 from her account
to the receiver’s account (i.e. D’s account) via the
services offered by bank B. Ideally, the message for transferring the
funds should go from A’s computer directly to B’s computer.
However, due to some security lapses; and we are not bothered here
about what that lapse is, the message somehow is accessible to C.
Attacker C is very happy to see this message. She changes the amount
from $100 to $1000 and the intended recipient from D to C. She then
sends this modified message to bank B.
Figure 1 : Send Message
If there are not enough security measures in place, bank B would not
know that the message was sent by C, and not by A. The bank B would not
also know that the amount to be transferred should have been $100 and
not $1000, and that it should have been transferred to the account of
D, and not to that of C.
While this problem is a combination of many security issues, the one we
are concentrating on today is that of loss of message integrity. In
other words, we expect that the security technology should alert the
bank that the message that it has received is not the one that the
original sender (A) had sent, but that it was changed by someone during
its transit from A to B. To preserve message integrity, we use message
digest or hash.
The relation of a message digest or a hash to the original message is
similar to the relation of our finger print with us. In other words,
given a human being and her thumbprint, we can confidently say that the
fingerprint is indeed (not) that of the same person. In a similar
fashion, given a message and its message digest, we can prove that
there is a one-to-one relation between the message and its digest.
This should tell us that in any real-life application, whenever we want
to ensure that a message has traveled without any (un)intended
alterations from the sender to the receiver, we need to ensure that the
integrity of the message is preserved. For this purpose, the technique
shown in the Figure 2 below is used.
Figure 2 : Ensure Message Integrity
This would obviously lead to some questions. For example, if an
attacker has access to a message and the digest, would the attacker not
be able to modify both the message and digest? That is, the attacker C
would modify the message and compute a fresh digest. The attacker would
not send the modified message and the new digest to the receiver. How
would the receiver come to know about this mischief? This is the
subject of a separate article.
For now, we shall see how to compute the digest of a message in Java. This is shown in the code below.
// This program attempts to calculate the message digest of a message
import java.security.MessageDigest;
public class MessageDigestExample {
public static final String str = "This is the text to be digested. It is quite interesting indeed!";
public static void main(String[] args) throws Exception{
// Create a message digest
System.out.println ("Attempting to calculate message digest ...");
MessageDigest md = MessageDigest.getInstance ("MD5");
byte [] ba = str.getBytes("UTF8");
md.update (ba);
byte [] digest = md.digest ();
System.out.println ("Result: Success");
// Display plain text and digest
System.out.println ("Original plain text was : " + str);
System.out.println ("Digested text is : " + new String (digest));
System.out.println ("Program execution was successful ...");
}
}
Listing 1 : MessageDigestExample
As we can see, the code is quite simple. We first need to create an
object of the MessageDigest class. We supply the digest algorithm name
to the getInstance ( ) method, which is MD5. MD5 has been the leading
message digest algorithm until recently. We then compute the digest by
calling the digest ( ) method, which returns the digest in a byte
array. We then display the original message and the digest on the
screen. In real life, we would send these to the intended recipient.
The output of this program is as follows.
Attempting to calculate message digest ...
Result: Success
Original plain text was : This is the text to be digested. It is quite interesting indeed!
Digested text is : ¦Ã€ÃœÅ’(ÃŽK([d4à 03:
Program execution was successful ...
To get a real feel for this, try changing the original message and see how the digest value also changes.
We shall spend more time in discussing some of the related concepts next time.
Related -
Returning Arrays or Objects - A Security Problem in Java
Using the Java ByteCode Verifier To Prevent Malicious Access
Setting up Secure Web Authentication in Tomcat
---
 Atul
Kahate writes about Security in this monthly
column on IndicThreads.com. Atul is the author of 13 books including Cryptography
and Network Security".
He is currently a Project Manager at i-flex solutions limited, Pune, India. Atul can be reached at (akahate at gmail dot com)
|
Comment by GUEST on 2007-06-07 11:19:22
Dude..."The attacker would not send the modified message and the new digest to the receiver. How would the receiver come to know about this mischief? This is the subject of a separate article."..this is not a separate subject. If you writing a article, give the complete picture. |
|
Home | 
