[Cisspstudy] Symmetric cryptography - Authentication

Clement Dupuis clement.dupuis at cccure.com
Sat Oct 10 17:39:44 EDT 2009 

Yes it does provide some authentication of the source using a Message
Authentication Code  (MAC)

Do take care

Clement


Clément Dupuis, CD
CISSP, GCFW, GCIA, QEH, QSA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS,
MBIS, MBHS,  ACE
----------------------------------------------------------------------------------------------
In real life:
Senior Security Specialist and Instructor
Security University
>>  Call me to get the best CISSP training  <<
----------------------------------------------------------------------------------------------
In Cyberspace:
President/Security Evangelist/Chief Learning Officer (CLO)
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Business:  407 479 3903
Fax:          407 264 8396

Maintainer of :
The CISSP and SSCP Open Study Guides Web Site
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org

Knowledge sharing and giving back to the community


On Sat, Oct 10, 2009 at 14:37, Andrea Gatta <andrea.gatta at gmail.com> wrote:

> Hi Cleament,
> thanks for the reply.
>
> On this base - would you say that symmentric crypto provides authentication
> as one of its security services (with the exception of non-repudiation) ?
>
> Thanks,
> Andrea
>
>
> On Sat, Oct 10, 2009 at 7:19 PM, Clement Dupuis <clement.dupuis at cccure.com
> > wrote:
>
>> Good day,
>>
>> IPSEC, SSL, TLS, all comes to mind.
>>
>> Diffie Hellman hiding within those protocol does it for you in the
>> background.
>>
>> Take care
>>
>> Clement
>>
>> Clément Dupuis, CD
>> CISSP, GCFW, GCIA, QEH, QSA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS,
>> MBIS, MBHS,  ACE
>>
>> ----------------------------------------------------------------------------------------------
>> In real life:
>> Senior Security Specialist and Instructor
>> Security University
>> >>  Call me to get the best CISSP training  <<
>>
>> ----------------------------------------------------------------------------------------------
>> In Cyberspace:
>> President/Security Evangelist/Chief Learning Officer (CLO)
>> The CCCure Family of Portals
>>
>> ----------------------------------------------------------------------------------------------
>> Business:  407 479 3903
>> Fax:          407 264 8396
>>
>> Maintainer of :
>> The CISSP and SSCP Open Study Guides Web Site
>> http://www.cccure.org
>>
>> The Professional Security Testers Warehouse
>> http://www.professionalsecuritytesters.org
>>
>> Knowledge sharing and giving back to the community
>>
>>
>> On Sat, Oct 10, 2009 at 14:00, Andrea Gatta <andrea.gatta at gmail.com>wrote:
>>
>>> Hi,
>>> several sources include authentication - or better system or message
>>> authentication - as one of the symmetric criptography security services (the
>>> other is clearly confidentiality).
>>>
>>> Clearly the authentication provided by symmetric key crypto cannot
>>> provide non-repudiation since it uses one single key to encrypt/decrypt and
>>> which is not tied to a uniquely identifiiable user.
>>>
>>> As for the implementation of the above concept, I can think at the way
>>> Kerberos authenticate principals - possession of the session key (other than
>>> authenticator information).
>>>
>>> Other than that an example of this could be CBC-MAC.
>>>
>>> Can someone provide other explamples or better some place in which
>>> symmetric key crypto and authentication are treated more systematically ?
>>>
>>> Thanks
>>> Andrea
>>>
>>> _______________________________________________
>>> cisspstudy mailing list
>>> cisspstudy at cccure.org
>>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>>
>>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20091010/d8a85b93/attachment-0001.html>

More information about the cisspstudy mailing list