so I am busy writing a TCP protocol in which I send a \"packet header\" with eac

Question

so I am busy writing a TCP protocol in which I send a "packet header" with each packet of data. This packet header is a structure that contains information about the data that was sent. I want to verify whether the header was tampered with in some manner and I am thinking of using a hash of the header to ensure it was not tampered with. I want to know if it is possible to include this hash in the header itself. Here is what the packet header looks like.

I am not sure if this method will work and I am open to any other suggestions on how to verify the header.

Thanks

Explanation / Answer

First, a hash does not provide integrity. You would need a MAC (like HMAC) or a digital signature to ensure the message hasn't changed in transit.

You'll have to put some standard value (say all zeros) into the field which holds the MAC, compute the MAC, then insert the value. Otherwise you have a chicken and egg problem. You need the MAC value to compute the MAC value. So which comes first the MAC or the header you want to compute the MAC over. See the issue?

To verify the MAC, the receiver would pull out the MAC tag, replace it with all zeros (or whatever you used), compute what the MAC should be, compare with the extracted tag.

If you are not restricted to the header as defined, placing the buffer for the MAC at the end of the header would be the best. That way you can just MAC the data before the MAC slot.

Related Questions

Navigate

• Browse (All)
• Browse S
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.