Definition
Integrity Protection
Integrity protection is the guarantee that unauthorised modifications of protected data can be detected.
Why it matters
Confidentiality and integrity are different goals. Encryption may hide the content of a message while still allowing an attacker to alter it in a useful way.
This matters whenever encrypted data is later interpreted as structured input. If the system accepts modified ciphertext as valid, the attacker may be able to change permissions, commands, or other fields without learning the key.
Encryption without integrity
Mechanisms
Integrity protection can be added in two common ways.
A separate authentication mechanism such as HMAC can be computed over the ciphertext and verified before decryption or use.
Alternatively, an authenticated encryption mode such as GCM can provide confidentiality and integrity together.
HMAC over ciphertext
Suppose a system issues a ciphertext together with a tag
If an attacker changes to , then the old tag is no longer valid. Verification fails, so the modified ciphertext is rejected.
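The following is an added example, not code from the original page: it applies the HMAC-over-ciphertext check described above to a modified ciphertext and compares that with decrypting the same ciphertext without any check. The function names, the sample message, and the toy keystream (built from HMAC-SHA256 as a stand-in for a real stream cipher, using only the Python standard library) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def keystream_xor(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (assumption: stands in for a real one such as AES-CTR)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(enc_key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes):
    """Encrypt, then compute the HMAC tag over nonce + ciphertext."""
    nonce = secrets.token_bytes(16)
    ciphertext = keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce, ciphertext, tag

def open_sealed(enc_key, mac_key, nonce, ciphertext, tag) -> bytes:
    """Verify the tag in constant time before decrypting anything."""
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed: ciphertext rejected")
    return keystream_xor(enc_key, nonce, ciphertext)

def demo():
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    message = b"user=alice;role=guest"  # constructed sample input
    nonce, ct, tag = seal(enc_key, mac_key, message)
    # Modification made without either key: XOR a known field with the wanted value.
    pos = message.index(b"guest")
    delta = bytes(a ^ b for a, b in zip(b"guest", b"admin"))
    tampered = ct[:pos] + bytes(c ^ d for c, d in zip(ct[pos:], delta)) + ct[pos + 5:]
    # Encryption without integrity: the altered ciphertext decrypts to valid-looking input.
    unchecked = keystream_xor(enc_key, nonce, tampered)
    # HMAC over ciphertext: the old tag no longer matches, so it is rejected.
    try:
        open_sealed(enc_key, mac_key, nonce, tampered, tag)
        rejected = False
    except ValueError:
        rejected = True
    return unchecked, rejected

if __name__ == "__main__":
    print(demo())
```

The tag covers the nonce as well as the ciphertext, and the encryption and MAC keys are independent, so a change to either transmitted value fails verification before any decryption happens.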