Merge pull request 'tammi-ch3-MAC' (#89) from tammi-ch3-MAC into draft

Reviewed-on: https://codeberg.org/openpgp/notes/pulls/89
Reviewed-by: Paul Schaub <vanitasvitae@noreply.codeberg.org>
This commit is contained in:
heiko 2023-10-29 14:07:59 +00:00
commit 91261fe9bc

View file

@ -21,22 +21,22 @@ Here are two important properties of cryptographic hash functions:
- ["Pre-image resistance"](https://en.wikipedia.org/wiki/Preimage_attack): Given a hash value, it should be very difficult to determine the original data it represents.
- ["Collision resistance"](https://en.wikipedia.org/wiki/Collision_resistance): It should be very difficult to find two distinct pieces of data that map to the same hash value.
## Message Authentication Codes
## Message authentication codes
[Message Authentication Codes](https://en.wikipedia.org/wiki/Message_authentication_code) (MAC, also called authentication tags) are small pieces of information, which can be used to verify the integrity and authenticity of a message.
They are calculated over the original message using a (symmetric) secret key.
The recipient of a message containing a MAC, who is also in posession of the secret key can verify that the message has not been tampered with.
A [message authentication code](https://en.wikipedia.org/wiki/Message_authentication_code) (MAC), also known as an authentication tag, is a small piece of information used to verify the integrity and authenticity of a message.
[HMAC](https://en.wikipedia.org/wiki/HMAC) is a hash-based message authentication code, which is used in the OpenPGP protocol.
It is derived from the original message using a (symmetric) secret key. The recipient of a message containing a MAC, who is also in possession of the secret key, can verify that the message has not been altered.
### Key Derivation Functions
[HMAC](https://en.wikipedia.org/wiki/HMAC) is a type of MAC that relies on a hash function. It is used in the OpenPGP protocol.
Hash functions can also be used to construct [key derivation functions](https://en.wikipedia.org/wiki/Key_derivation_function) (KDF).
Those can for instance be used to derive symmetric key material from a password by repeatedly feeding it through a hash function.
### Key derivation functions
A prominent example of a KDF which is relevant for the OpenPGP specification is the so-called [HKDF](https://en.wikipedia.org/wiki/HKDF) which is a key derivation function based on the HMAC message authentication code.
A hash function can also be used to create a [key derivation function](https://en.wikipedia.org/wiki/Key_derivation_function) (KDF).
One application of KDFs is to generate symmetric key material from a password by iteratively passing it through a hash function.
More information on KDFs and their use in the OpenPGP protocol can be found in chapters [5](encrypted_secrets) and 10 (SEIPDv2).
A notable KDF for the OpenPGP specification is the [HKDF](https://en.wikipedia.org/wiki/HKDF), which is a key derivation function based on the HMAC.
For detailed information on KDFs and their role in the OpenPGP protocol, see the [encrypted secrets](encrypted_secrets) chapter and the [SEIPDv2](SEIPDv2) section of the encryption chapter.
## Symmetric-key cryptography