Recap of Data Integrity

Summary

In this chapter, we discussed cryptographic mechanisms that provide different levels of data integrity. Hash functions are multipurpose cryptographic primitives, and our discussion included an examination of their many different properties and applications, not just those relating to data integrity. Hash functions, on their own, are fairly weak data integrity mechanisms, but they can be used as part of stronger mechanisms. We saw this earlier when they were used in the construction of a MAC, and we’ll see this again when they are used as digital signature scheme components. MACs provide a strong notion of data origin authentication, and we reviewed two general techniques for constructing them.

Data integrity, particularly data origin authentication, is arguably a more important requirement than confidentiality in many modern applications. Very few applications requiring confidentiality do not also require data origin authentication. We also looked at different ways of achieving both services through authenticated encryption.