AEAD encryption schemes produce something referred to as an "authentication tag." What does this tag consist of, what is its purpose, and is the tag itself human-readable data such as a plaintext string or is it cipher text?
Asked
Active
Viewed 5,294 times
4
-
Possible duplicate of What is the advantage of AEAD ciphers? If this answer does not satisfy you let us know. – kelalaka Feb 06 '19 at 21:39
-
The authentication tag is form of message authentication code or MAC. – Sjoerd Feb 07 '19 at 09:44
1 Answers
4
What does this tag consist of ... is the tag itself human-readable data
It will most likely be a string of random looking bits. It is not intended or required for humans to participate in the verification process.
what is its purpose
The algorithm uses it to verify whether or not the ciphertext and/or associated data have been modified.
If either the ciphertext or associated data has been modified, then the procedure that re-computes the validation tag on the receiving end will end up generating a different tag. The algorithm will check the re-computed tag against the tag that was bundled with the ciphertext and associated data (which collectively can be referred to as a "cryptogram").
If the tags don't match, that means some part of the ciphertext and/or associated data have been modified.
If the tags do match, that means that no part of the ciphertext and/or associated data have been modified*
* at least, there is a a high probability assuming that the keys have not been compromised and the authentication scheme is secure
Ella Rose
- 19,603
- 6
- 53
- 101
-
Note: The exact procedure for generating and validating the tag may vary. Note2: Why we care about authentication tags is a different question. – Ella Rose Feb 06 '19 at 21:50
-
But generally the tags are calculated though some MAC calculation. The results of MAC calculations are also commonly called "authentication tags" so the term is at least not unique to AEAD ciphers. – Maarten Bodewes Feb 07 '19 at 01:57