You're reading from Demystifying Cryptography with OpenSSL 3.0 Discover the best techniques to enhance your network security with OpenSSL 3.0

Product type Paperback

Published in Oct 2022

Publisher Packt

ISBN-13 9781800560345

Length 342 pages

Edition 1st Edition

Languages

Tools

Wireshark

Concepts

Cryptography

Author (1):

Alexei Khlebnikov

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Introduction

2. Chapter 1: OpenSSL and Other SSL/TLS Libraries FREE CHAPTER

3. Part 2: Symmetric Cryptography

4. Chapter 2: Symmetric Encryption and Decryption

5. Chapter 3: Message Digests

6. Chapter 4: MAC and HMAC

7. Chapter 5: Derivation of an Encryption Key from a Password

8. Part 3: Asymmetric Cryptography and Certificates

9. Chapter 6: Asymmetric Encryption and Decryption

10. Chapter 7: Digital Signatures and Their Verification

11. Chapter 8: X.509 Certificates and PKI

12. Part 4: TLS Connections and Secure Communication

13. Chapter 9: Establishing TLS Connections and Sending Data over Them

14. Chapter 10: Using X.509 Certificates in TLS

15. Chapter 11: Special Usages of TLS

16. Part 5: Running a Mini-CA

17. Chapter 12: Running a Mini-CA

18. Index

Why subscribe?

19. Other Books You May Enjoy

Packt is searching for authors like you

Understanding MAC function security

A MAC function is considered secure if it can resist the list of forgery attacks described as follows, which have been listed from more difficult to less difficult. All of the attacks that are described suggest that an attacker does not possess a secret key:

A universal forgery attack is successful if an attacker can create a valid MAC for any message given to them.
A selective forgery attack aims to produce the correct MAC for a particular message. The message is chosen prior to the attack and, usually, has some value for the attacker if they can authenticate it.
An existential forgery attack works by finding a pair of any kind of message and its respective MAC.
An existential forgery under a chosen-message attack suggests that there is an oracle that can generate a MAC for any message chosen by the attacker. The attacker can feed messages to the oracle, obtain MACs, and analyze the behavior of the oracle and the MAC function...