1.Message Leaked: The message content can leak out to people or process who do not have the appropriate credentials.
2. Metadata Analysis: By simply looking at who calls whom and how many times one can establish a relationship between the sender and the receiver. The number and the lengths of the messages are enough to establish the intent. For example if I say that that two parties exchanged 30 messages then we could conclude that there is a big enough conversation going on between them.
3. Impersonate: It is possible that a hacker can insert messages by impersonating the sender or the receiver by sending fraudulent acknowledgements of the …show more content…
Altering Timing: People forward entire conversations to others but if the sequence is changed or disturbed it can reflect badly on the contextual understanding.
7. Source of origin: People can deny and say that they did not send this message. This is a frequent excuse given in the legal proceedings.
8. Similarly the receiver can also say that they never received or read the message.
Message Authentication: It is a procedure to solve these issues such that these procedures and protocols can ensure that messages are not altered and both source and destination cannot deny the message content. The technique should also verify that order of the messages is preserved and the timing interval between the message is also preserved.
Solutions for message authentication:
1. Using Public Key encryption
a. This solves the problem but in a large multi-party social network the keys become unmanageable. Party A can encrypt the message using the private key so that non-repudiation can be managed and then use one more encryption using the public key of the receiver to make sure that only B can decrypt the message. The issue now is that it is an expensive series and the message will be encrypted and decrypted four