3

I'm studying network security and I found this question in my slide, but don't have an answer.

Discuss the use of keyed HMACs for guaranteeing the integrity of a file being transmitted over the network (no other guarantees requested).

All resources that I found online, say only that HMAC guarantee integrity, but I don't understand in what way. I founded this answear here and I understand this :

If Alice sends the file over the network with her HMAC, She can know that this file isn't compromised, if her check the HMAC of the same file and this remain the same.

Could it be an answer to my slide question? (my doubt is about that part that says "being transmitted over the network")

Thanks for your time,

theantomc
  • 133
  • 5

1 Answers1

6

In order to understand what a HMAC does for you, you need to know what a HMAC is. A HMAC is basically a hash function, that works a secret key "into" the hash. So instead of

Digest = Hash(Data)

you have

Digest = HMAC(Data, SecretKey)

So how does this guarantee integrity? Similarly to a "regular" hash, data and the HMAC are transmitted together. The recipient, who also knows the secret key, can then calculate the HMAC again, and if the result is identical, it is guaranteed that the file has not been tampered with.

How is this any different from a regular hash?

The difference is that an attacker can't modify the data and simply calculate a new hash. For example, imagine you transmit the message Security.SE is the best Stack Exchange site, with the SHA-256 hash 71d90574502edd87ea8ef969dc5a28dc13a0c4ce1e9e9664600ea275f1b364e4. Now an evil hacker from Crypto.SE intercepted that message, changed it to Crypto.SE is the best Stack Exchange site and changes the hash to ed53d3d9f49ba1fe00c7591236ab72d6f27913bdd40fa7f2c6c0b177f76157c2.

The recipient wouldn't know that the data has been modified. If I were to use a HMAC, however, the attacker would not have access to the secret key, and thus is not able to generate their own HMAC.

But isn't a hash enough to guarantee integrity?

Yes, because a HMAC can do everything a regular hash function can do. However, a HMAC can, aside from integrity, also guarantee authenticity, assuming that the key has not been compromised.

  • Thank you for your complete answer. You suppose that the receiver don't know the hash of original message, right? in this way, with normal hash, we can't know the modify, instead of with HMAC we know the modify because the new hacked file will not have a HMAC ? right? – theantomc Nov 05 '19 at 18:03
  • @theantomc The receiver will receive the original message and the HMAC calculated by the sender. The receiver will then calculate the HMAC as well (just like a regular hash), and if they match, the message has not been modified. The advantage over a regular hash is that an attacker can't calculate the HMAC, only the legitimate sender and receiver. –  Nov 06 '19 at 09:07