Lab task-4:  Authenticating the signature using MD5 hash algorithm.

In [11]:
import hmac
import hashlib

def generate_signature(message: bytes, secret_key: bytes) -> str:
    signature = hmac.new(secret_key, message, hashlib.md5).hexdigest()
    return signature

def verify_signature(message: bytes, secret_key: bytes, received_signature: str) -> bool:
    expected_signature = generate_signature(message, secret_key)
    return hmac.compare_digest(expected_signature, received_signature)

if __name__ == "__main__":
    print("=== AUTHENTICATING THE SIGNATURE USING MD5 HASH ALGORITHM ===\n")

    secret_key_input = input("Enter the secret key (shared between sender and receiver): ")
    message_input = input("Enter the message to send: ")

    secret_key = secret_key_input.encode()
    message = message_input.encode()

    # Sender Side
    sender_signature = generate_signature(message, secret_key)
    print("\n=== SENDER SIDE ===")
    print("Message:", message_input)
    print("Generated Signature (HMAC-MD5):", sender_signature)

    # Receiver Side
    print("\n=== RECEIVER SIDE ===")
    print("Received Message:", message_input)
    received_sig = input("Enter the received signature (copy from above): ")

    if verify_signature(message, secret_key, received_sig):
        print("✅ Signature Verified: Message is Authentic")
    else:
        print("❌ Signature Verification Failed: Message is Tampered")

    # Tampering Test
    print("\n=== TAMPERING TEST ===")
    tampered_message_input = input("Enter a tampered message to test verification: ")
    tampered_message = tampered_message_input.encode()

    if verify_signature(tampered_message, secret_key, sender_signature):
        print("⚠ Tampered message accepted (should not happen!)")
    else:
        print("❌ Tampered Message Detected - Authentication Failed")

=== AUTHENTICATING THE SIGNATURE USING MD5 HASH ALGORITHM ===



Enter the secret key (shared between sender and receiver):  mysecret
Enter the message to send:  I'm Varshitha, and my pin number is 1234.



=== SENDER SIDE ===
Message: I'm Varshitha, and my pin number is 1234.
Generated Signature (HMAC-MD5): 82cd35cbc484e7ca1b1cfa2e531a1c8a

=== RECEIVER SIDE ===
Received Message: I'm Varshitha, and my pin number is 1234.


Enter the received signature (copy from above):  82cd35cbc484e7ca1b1cfa2e531a1c8a


✅ Signature Verified: Message is Authentic

=== TAMPERING TEST ===


Enter a tampered message to test verification:  I'm Varshitha, and my pin number is 1231.


❌ Tampered Message Detected - Authentication Failed
