Authenticity and data integrity

Authenticity and data integrity

by Ilias Marwane Merigh -
Number of replies: 2

Hello,

I have some questions. I the previous lecture we said that Authenticity and data integrity are closely related.

1) But can we clearly say the following : Authenticity is respected <=> data integrity is respected.

Here is my reasoning :

  • Authenticity is respected => The msg comes from Alice so it's not modified.
  • Data integrity is respected => the received msg = the original message = Alice's message.

2) If the message is modified by error (bits swiped or lost). Can we consider that data integrity is not respected ? What about authenticity (because Bob can't be sure that the sender is actually Alice, due to the error) ?

3) If Persa intercepts Alice's message but doesn't change it, then sends it to Bob. Is the authenticity still respected ? (because Persa's msg = Alice's msg). Notice that if your answer is "no", it means that data integrity is respected but authenticity is not, which contradicts my reasoning in step b).


In reply to Ilias Marwane Merigh

Re: Authenticity and data integrity

by Devrim Celik -
Hey Ilias,

1) No we can not. The reason that they are closely related is however exactly based on the intuition you represented in your answer. I would argue, that authenticity is not really possible without integrity, because the mechanism in a protocol that ensure authenticity needs to be transmitted without modification in order to be used to authenticate; i.e., authenticity should imply integrity in a practical sense. However, the opposite is not always true: Take checksums, one of the ways to ensure integrity, however they do not have anything to do with authenticity.
2) Yes, attacks with respect to integrity can be "accidental" or "intentional". As stated in 1), if we cannot guarantee integrity, we can not really make use of authentication mechanisms in protocols.
3) To be transparent, I don't know for sure, but I will try anyways: I'd say that authenticity is respected, because this is basically what every router does. They take a packet, do not modify it, and relay it towards the receiver. Regarding that last sentence, again, as stated in 1) that could very well be possible in general.

I hope this helps! Very good questions by the way; you are clearly trying to get the bigger picture ;)