Cryptographic Integrity and Authenticity – Complete SSCP Study Guide
Why Cryptographic Integrity and Authenticity Matter
In the world of information security, ensuring that data has not been tampered with (integrity) and confirming the identity of the sender (authenticity) are two foundational pillars. If an attacker can modify data in transit or at rest and the modification goes undetected, the consequences can be catastrophic — from financial fraud to compromised medical records. Similarly, if a recipient cannot verify who actually sent a message, an adversary could impersonate a trusted party and inject malicious content. Cryptographic mechanisms provide mathematically provable assurances for both of these properties.
What Is Cryptographic Integrity?
Cryptographic integrity refers to the use of cryptographic techniques to detect any unauthorized modification, insertion, or deletion of data. When integrity controls are in place, any change — even a single bit — will be detected by the recipient or verifier.
Key mechanisms include:
1. Hash Functions
A cryptographic hash function (e.g., SHA-256, SHA-3) takes an input of any size and produces a fixed-length output called a message digest or hash value. Properties of a secure hash function include:
- Pre-image resistance: Given a hash value, it is computationally infeasible to find the original input.
- Second pre-image resistance: Given an input, it is computationally infeasible to find a different input that produces the same hash.
- Collision resistance: It is computationally infeasible to find two different inputs that produce the same hash output.
Hash functions alone provide integrity verification but do not provide authenticity because anyone can compute a hash.
2. Message Authentication Codes (MACs)
A MAC combines a secret key with the message to produce an authentication tag. Only parties who possess the shared secret key can generate or verify the tag. Common types include:
- HMAC (Hash-based MAC): Uses a cryptographic hash function (e.g., HMAC-SHA256) combined with a secret key.
- CMAC (Cipher-based MAC): Uses a block cipher such as AES in a special mode to generate the tag.
MACs provide both integrity and authenticity because only someone with the shared secret key can produce a valid MAC. However, MACs do not provide non-repudiation since both parties share the same key.
3. Digital Signatures
Digital signatures use asymmetric cryptography to provide integrity, authenticity, and non-repudiation. The sender signs a hash of the message using their private key, and anyone can verify the signature using the sender's public key. Common algorithms include RSA, DSA, and ECDSA.
What Is Cryptographic Authenticity?
Cryptographic authenticity ensures that the origin of data or a communication can be verified. It answers the question: "Did this message truly come from who it claims to come from?"
Authenticity is achieved through:
- MACs: Prove the message came from someone who holds the shared secret key.
- Digital Signatures: Prove the message came from the holder of a specific private key, which is tied to a verified identity through a certificate.
- Digital Certificates (X.509): Bind a public key to an identity, issued by a trusted Certificate Authority (CA). This enables trust in the public key used to verify a digital signature.
How It All Works Together
Consider a typical secure communication scenario:
1. Sender creates a message and computes a hash of it (e.g., SHA-256).
2. The sender signs the hash with their private key, creating a digital signature.
3. The message and digital signature are sent to the recipient.
4. The recipient computes the hash of the received message independently.
5. The recipient uses the sender's public key (obtained from a trusted certificate) to decrypt the digital signature and recover the original hash.
6. If the two hash values match, both integrity (the message was not altered) and authenticity (the message came from the claimed sender) are confirmed.
For MAC-based scenarios, both parties share a secret key. The sender computes the MAC over the message and appends it. The receiver recomputes the MAC with the same key and compares values.
Comparison of Mechanisms
Hash Functions: Provide integrity only. No key is involved. No authenticity or non-repudiation.
MACs (HMAC, CMAC): Provide integrity and authenticity. Use a shared symmetric key. No non-repudiation.
Digital Signatures: Provide integrity, authenticity, and non-repudiation. Use asymmetric keys (private key to sign, public key to verify).
Important Concepts to Remember
- Non-repudiation is only provided by digital signatures, not by MACs or hashes alone, because a digital signature can only be created by the holder of the private key.
- MD5 and SHA-1 are considered deprecated and insecure for most purposes due to known collision vulnerabilities. SHA-256 and SHA-3 are currently recommended.
- HMAC is resistant to length-extension attacks, which is an advantage over simply hashing a key concatenated with a message.
- Authenticated encryption modes such as AES-GCM and AES-CCM provide confidentiality, integrity, and authenticity in a single operation.
- A hash function is a one-way function — you cannot reverse a hash to obtain the original data.
Exam Tips: Answering Questions on Cryptographic Integrity and Authenticity
Tip 1: Know the differences between hashing, MACs, and digital signatures. This is the most frequently tested concept. If a question asks about non-repudiation, the answer will involve digital signatures. If it asks about integrity only with no key, the answer is a hash function. If it involves a shared secret key providing both integrity and authenticity, the answer is a MAC.
Tip 2: Watch for keyword triggers. Words like "verify the sender," "prove origin," or "cannot deny sending" point toward authenticity and non-repudiation — think digital signatures. Words like "detect modification" or "verify data has not changed" point toward integrity — think hashing or MACs.
Tip 3: Remember that encryption alone does not guarantee integrity. A common exam trap is suggesting that encrypting data ensures it has not been tampered with. Encryption provides confidentiality, not integrity. You need a separate integrity mechanism (hash, MAC, or digital signature) or an authenticated encryption mode like GCM.
Tip 4: Understand algorithm categories. Know that SHA-256 and SHA-3 are hash functions, HMAC-SHA256 is a MAC, RSA and ECDSA are digital signature algorithms (also used for encryption in the case of RSA), and AES-GCM is an authenticated encryption scheme.
Tip 5: Be precise about symmetric vs. asymmetric. MACs use symmetric (shared) keys. Digital signatures use asymmetric key pairs. If a question mentions two parties needing a pre-shared secret, it is referencing a MAC. If it mentions a public/private key pair, it is referencing digital signatures.
Tip 6: Non-repudiation questions. If the question scenario involves proving in a legal or dispute context that a specific individual sent a message, the answer is always digital signatures. MACs cannot provide this because both parties hold the same key, meaning either party could have generated the MAC.
Tip 7: Collision attacks matter. If a question references why MD5 or SHA-1 should not be used, the answer relates to collision vulnerabilities. A collision means two different inputs produce the same hash output, undermining integrity guarantees.
Tip 8: Think about what property is missing. Many exam questions describe a scenario and ask what security property is lacking. If data can be read but might be altered, integrity is missing. If the receiver cannot verify who sent the data, authenticity is missing. If the sender can deny sending, non-repudiation is missing.
Tip 9: Authenticated encryption. Know that modes like AES-GCM combine encryption with a built-in authentication tag, providing confidentiality, integrity, and authenticity in one pass. This is increasingly the recommended approach for modern systems.
Tip 10: Process of elimination. On the SSCP exam, if you are unsure, eliminate answers that confuse confidentiality with integrity, or that claim hashing provides authenticity. Narrowing down choices based on precise definitions will greatly improve your accuracy.
