Message Integrity
This lesson gives an overview of the concepts of message integrity and hash functions.
We'll cover the following...
Data or message integrity is the assurance that the data received is the same as generated. Encryption provides privacy but doesn’t guarantee that the sent message hasn’t been tampered with at some point along the way.
Consider the XOR cipher we introduced earlier. An attacker can tamper with the encrypted string, and the receiver would still be able to decrypt the message, but they would get a different message than what was originally sent. In the previous widget that uses the character ‘K’ as the key, the resulting encrypted string for the message “I want to learn Kerberos” is “k<*%?k?$k’.*9%k.9).9$8”. If the encrypted string is modified by a malicious attacker, say ‘9’ is changed to ‘2’, the recipient will see a different message. In the widget below, we replace the characters and then decrypt the encrypted string. Observe how we are able to successfully decrypt the message but see a different message.
class Demonstration {public static void main( String args[] ) {String message = "I want to learn Kerberos";// Encrypt the stringSystem.out.println("Encrypted String:");String encryptedString = applyXorCipher(message);System.out.println(encryptedString);encryptedString = encryptedString.replace('9', '2');System.out.println("\nDecrypted String:\n" + applyXorCipher(encryptedString));}static String applyXorCipher(String inputString) {// Define XOR key. You can change the key and see the// encrypte string changechar xorKey = 'K';String outputString = "";// perform XOR operation of key with every character in stringfor (int i = 0; i < inputString.length(); i++) {outputString = outputString + Character.toString((char) (inputString.charAt(i) ^ xorKey));}return outputString;}}