Article

In order to protect against fraud in electronic fund transfers, the Message Authentication Code (MAC), ANSI X9.9, was developed. The MAC is a check value derived from the contents of the message itself that is sensitive to the bit changes in a message. It is similar to a Cyclic Redundancy Check (CRC). A MAC is appended to the message before it is transmitted. At the receiving end, a MAC is generated from the received message and is compared to the MAC of an original message. A match indicates that the message was received without any modification occurring while en route.

Encryption can be performed at different communication levels, each with different types of protection and implications. Two general modes of encryption implementation are link encryption and end-to-end encryption. Link encryption encrypts all the data along a specific communication path, as in a satellite link, T3 line, or telephone circuit. Not only is the user information encrypted, but the header, trailers, addresses, and routing data that are part of the packets are also encrypted.

In summary, to send a message:
1. A hash algorithm is used to generate the message digest from the message.

2. The message digest is fed into the digital signature algorithm that generates the signature of the message. The signing of the message is accomplished byeencrypting the message digest with the sender’s private key and attaching the result to the message. Thus, the message is a signed message.

1. Cipher Block Chaining (CBC)
2. Electronic Code Book (ECB)
3. Cipher Feedback (CFB)
4. Output Feedback (OFB)

Cipher Block Chaining

In reality, encryption can happen at different layers of an operating system and network stack. The following are just a few examples:
• End-to-end encryption happens within the applications.
• SSL encryption takes place at the transport layer.
• PPTP encryption takes place at the data link layer.
• Link encryption takes place at the data link and physical layers.