Reasoning about Message Integrity

Abstract

We propose an approach for reasoning about message integrity protection in cryptographic protocols. The set of axioms presented herein relate design parameters and assumptions of message integrity protection mechanisms to generic message integrity threats. Comparison of threat properties derived using these axioms with the policy goals for integrity protection aids in assessing the strength (or lack thereof) of message integrity protection mechanisms. We provide examples to illustrate the use of our approach in examining the weaknesses of message integrity protection mechanisms, and also in suggesting modifications in their design parameters. Categories and Subject Descriptors: C.2.4 [Computer-Communication Networks]: General - Security and Protection, Distributed Systems; D.4.6 [Operating Systems]: Security and Protection - cryptographic controls; E.3 [Data]: Data Encryption. Key Words and Phrases: Message integrity, integrity threshold, effective threshold, block membership, order..