Title :
Authentication theory and hypothesis testing
Author_Institution :
Dept. of Comput. Sci., Eidgenossische Tech. Hochschule, Zurich, Switzerland
fDate :
7/1/2000 12:00:00 AM
Abstract :
By interpreting message authentication as a hypothesis testing problem, this paper provides a generalized treatment of information-theoretic lower bounds on an opponent´s probability of cheating in one-way message authentication. We consider the authentication of an arbitrary sequence of messages, using the same secret key shared between sender and receiver. The adversary tries to deceive the receiver by forging one of the messages in the sequence. The classical two types of cheating are considered, impersonation and substitution attacks, and lower bounds on the cheating probability for any authentication system are derived for three types of goals the adversary might wish to achieve. These goals are: (1) that the fraudulent message should be accepted by the receiver, or, in addition, (2) that the adversary wishes to know or (3) wants to even choose the value of the plaintext message obtained by the legitimate receiver after decoding with the secret key
Keywords :
cryptography; decoding; information theory; message authentication; probability; telecommunication security; adversary; authentication system; authentication theory; cheating probability; fraudulent message; hypothesis testing; impersonation; information-theoretic lower bounds; lower bounds; message authentication; message forging; message sequences; one-way message authentication; plaintext message; receiver; secret key decoding; secret key sharing; sender; substitution attacks; Computer science; Cryptography; Decoding; Information security; Message authentication; Power system security; Probability distribution; Testing;
Journal_Title :
Information Theory, IEEE Transactions on
