6 Integrity

6.1 Encryption and integrity

You should recall from Section 3.2 that integrity relates to assurance that there has been no unauthorised modification of a message and that the version received is the same as the version sent.

Activity 10

Pause here for a while and consider whether encryption can be used as an effective assurance of the integrity of a message.

Encryption does provide some assurance about the integrity of a message. After all, if we are confident that the message has been immune from eavesdropping then, with the use of an appropriate encryption scheme, we might also be reasonably confident that it has not been altered in any way. You should recall, though, that in the discussion about block ciphers, I said that they allowed specific portions of a message to be extracted and manipulated. If an attacker knew which portions of the message to target, it would be possible to extract one portion and substitute another. Imagine, for example, a bank that uses a block cipher to encrypt information about certain transactions. One block may contain details of the account to be debited, another the account to be credited, and another the amount to be transferred. It might not be too difficult to substitute any of these blocks with data that had been extracted and recorded from some earlier transaction.

There are other reasons why encryption alone does not provide a completely workable solution. As you have already seen, the encryption process carries overheads in terms of resources and for some applications it is preferable to send data in the clear. Also some network management protocols separate the confidentiality and integrity functions, so encryption is not always appropriate.