The data and message integrity service helps to protect data and software on workstations, file servers, and other LAN components from unauthorized modification. The unauthorized modification can be intentional or accidental.

This service can be provided by the use of cryptographic checksums, and very granular access control and privilege mechanisms. The more granular the access control or privilege mechanism, the less likely an unauthorized or accidental modification can occur.

The data and message integrity service also helps to ensure that a message is not altered, deleted or added to in any manner during transmission. (The inadvertent modification of a message packet is handled through the media access control implemented within the LAN protocol.)

Most of the security techniques available today cannot prevent the modification of a message, but they can detect the modification of a message (unless the message is deleted altogether). The use of checksums provide a modification detection capability.

A Message Authentication Code (MAC), a type of cryptographic checksum, can protect against both accidental and intentional, but unauthorized, data modification. A MAC is initially calculated by applying a cryptographic algorithm and a secret value, called the key, to the data.

The initial MAC is retained. The data is later verified by applying the cryptographic algorithm and the same secret key to the data to produce another MAC; this MAC is then compared to the initial MAC. If the two MACs are equal, then the data is considered authentic.

Otherwise, an unauthorized modification is assumed. Any party trying to modify the data without knowing the key would not know how to calculate the appropriate MAC corresponding to the altered data. FIPS 113, Computer Data Authentication, defines the Data Authentication Algorithm, based on the DES, which is used to calculate the MAC. See [SMID88] for more information regarding the use of MACs.

The use of electronic signatures can also be used to detect the modification of data or messages. An electronic signature can be generated using public key or private key cryptography. Using a public key system, documents in a computer system are electronically signed by applying the originator’s private key to the document.

The resulting digital signature and document can then be stored or transmitted. The signature can be verified using the public key of the originator. If the signature verifies properly, the receiver has confidence that the document was signed using the private key of the originator and that the message had not been altered after it was signed.

Because private keys are known only to their owner, it may also possible to verify the originator of the information to a third party. A digital signature, therefore, provides two distinct services: nonrepudiation and message integrity. FIPS PUB 186, Digital Signature Standard, specifies a digital signature algorithm that should be used when message and data integrity are required.

The message authentication code (MAC) described above can also be used to provide an electronic signature capability. The MAC is calculated based on the contents of the message. After transmission another MAC is calculated on the contents of the received message.

If the MAC associated with the message that was sent is not the same as the MAC associated with the message that was received, then there is proof that the message received does not exactly match the message sent. A MAC can be used to identify the signer of the information to the receiver.

However, the implementations of this technology do not inherently provide nonrepudiation because both the sender of the information and the receiver of the information share the same key. The types of security mechanisms that could be implemented to provide the data and message integrity service are listed below.

• Message authentication codes used for software or files.
• Use of secret key based electronic signature.
• Use of public key digital signature.
• Granular privilege mechanism.
• Appropriate access control settings (i.e. no unnecessary write permissions.)
• Virus detection software.
• Workstations with no local storage (to prevent local storage of software and files.)
• Workstations with no diskette drive/tape drive to prevent introduction of uspect software.
• Use of public key digital signatures.