|
Authentication is done by calculating cryptographic hash of the data during encryption and decryption, and comparing the results. There are two popular approaches to that: one is to calculate the checksum of the whole file, another is to calculate checksums of small blocks in the file. The downside of the first approach is that you need to have the whole file in order to authenticate it, which may not be the case. Partial file modifications are also problematic in this case and might also require access to the full file. The second approach is vulnerable to several types of attacks. Most likely, the service provider may construct a version of the file that never really existed by combining different small blocks in different ways.
|