Presentation is loading. Please wait.

Presentation is loading. Please wait.

20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 5 Epayment Security I.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 5 Epayment Security I."— Presentation transcript:

1

2 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 5 Epayment Security I

3 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Cryptography Message digest (hash) algorithms –Secure Hash Algorithm Defending against attacks –Salting, nonces Symmetric encryption –DES and variations –AES: Rijndael Public-key algorithms –RSA

4 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS One-Way Hash Functions For any input x, H(x), the hash of x, is of fixed length (shorter than x), sometimes called a message digest Easy to compute Computationally difficult to invert: can’t find a message corresponding to a hash Diffusion property: Altering any bit of the message changes many bits of the hash Weakly collision-free: given x, can’t find another message y with H(y) = H(x) Strongly collision-free: can’t find any two messages with the same hash

5 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Uses of One-Way Hash Functions Message authentication (message digests) Password verification Prevention of replay attack Digital signatures

6 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Message Digest A message digest is a “fingerprint” of a message Much shorter than the original message (e.g. 160 bits) Easy to compute Can’t recover the message from the digest Changing the message changes the digest MESSAGE (VERY LONG) DIGEST DIGEST CAN BE USED TO VERIFY THAT THE MESSAGE HAS NOT BEEN ALTERED

7 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Secure Hash Algorithm SHA-1 Federal Information Processing Standard 180-1 (NIST) For any message shorter than 2 64  10 19 bits, produces a 160-bit message digest Uses exclusive-OR operation  A =0 0 1 1 0 1 1 1 1 0 0 0 1 B = 1 1 0 1 0 0 1 1 0 1 0 1 1 A  B =1 1 1 0 0 1 0 0 1 1 0 1 0 Exclusive-OR is lossy; knowing A  B does not reveal even one bit of either A or B Regular OR: If a bit of A  B is zero, then both corresponding bits of both A and B were zero

8 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Secure Hash Algorithm SHA-1 Pad M so it is a multiple of 512 bits long Process M in blocks of 512 bits (16 32-bit words): W(0)... W(15) Expand 16-word block to 80 words for j = 16..79 by W(j) = W(j - 3)  W(j - 8)  W(j - 14)  W(j - 16) Perform 4 rounds of 20 operations each using these functions f t (X,Y,Z) on three words at a time: Rounds 0-19(X  Y)  (Z   X) Rounds 20-39X  Y  Z Rounds 40-59(X  Y)  (X  Z)  (Y  Z) Rounds 60-79X  Y  Z

9 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Single Step of SHA-1 Operates on 16-word (512-bit) blocks Expands 16 words to 80 words W t Performs 80 operations as shown for t = 0..79 a, b, c, d, e are special constants K t are special constants SOURCE: SCHNEIER, APPLIED CRYPTOGRAPHY INITIALLY CONSTANTS 80 WORDS INPUT HERE, 1 EACH STEP MAGIC CONSTANTS “<<< 5” means “cyclic left shift 5 bits” + + + + REVISED CONSTANTS FOR NEXT STEP

10 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Secure Hash Algorithm SHA-1 INITIALIZE “MAGIC” HEX CONSTANTS (8 HEX DIGITS = 32 BITS): A=67452301; B=efcdab89; C=98badcfe; D=10325476; E=c3d2e1f0; K 0-19 =5a827999; K 20-39 =6ed9eba1; K 40-59 =8f1bbdcd; K 60-79 =ca62c1d6; PROCESS THE MESSAGE IN 512-BIT BLOCKS: For each block B of 16 words in message M Expand B to 80 words For t = 0 to 79 MIX UP PARTS OF THE 80 WORDS: TEMP = (a <<< 5) + f t (b,c,d) + e + W(t) + K t e = d; d = c; c = b <<< 30; b = a; a = TEMP; ADD RESULTS TO OUTPUT FROM PREVIOUS BLOCK: A = A+a; B = B+b; C = C+c; D= D+d; E = E+e; FINAL DIGEST IS CONCATENATION OF PARTIAL DIGESTS: H(M) = A | B | C | D | E (5 words = 160 bits)

11 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Birthday Attack Dave’s birthday is Aug. 27. How many people must be in a room for the probability to be > 1/2 that someone else was born on Aug. 27? Probability that 1 person was not born on Aug. 27 = 364/365. Probability that n people were not born on Aug. 27 is p(n) = (364/365) n. Now choose n so that p(n) < 0.5 log p(n) < n log (364/635) n > log(1/2)/log(364/365)  253 If n = 183 (half of 366), p(n) = 0.6053. Less then 40% chance that someone else has same birthday

12 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Birthday Probabilities Suppose a year has d days. How many people must be in a room for the probability to be > 1/2 that some pair of people have the same birthday? Label the people 1 … n Probability that person i has no birthday in common with people 1 … i -1 is (d - i + 1)/d, so If d = 365 and n = 23, p(n)  0.4927 If d = 365 and n = 50, p(n)  0.0296 For large d, taking n  1.17 gives p(n) > 1/2

13 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Attacking Hash Algorithms If two strings M and M* can be found such that H(M) = H(M*) then a hash algorithm can be compromised Let M = PO for $100; M* = PO for $100,000 John digitally signs H(M), so it can’t be altered! If H(M*) = H(M) then we can “prove” in court that John signed the $100,000 PO Birthday attack: If the hash length is b bits, then d = 2 b ; = 2 b/2 Try about 2 b/2 small variations of the message. Prob. ~ 50% we will find one that hashes to the same value If the digest is 64 bits, try 2 32 variations. Possible!

14 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Storing Passwords A system must be able to verify that a password is correct Store the plaintext passwords. TERRIBLE IDEA Store hashed passwords. BAD IDEA –Passwords come from a small universe (~50,000 words). Possible to compare all possible hashes against the hashed file to discover passwords Hash each password differently. NOT SO BAD –Defends against dictionary attack Want to be sure that two people who have the same password have different hashes, so compromise of one password does not reveal others Don’t store H (P), the hash of the password Store H (P + S), where S, called salt, is different for each user

15 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Salting Example A’s password is “13524”; B’s password is “13524” A’s salt is “ABC”; B’s salt is “DEF” The hash of A’s salted password is “1663az78fz” System stores “A, ABC, 1663az78fz” The hash of B’s salted password is “v134c27a8” System stores “B, DEF, v134c27a8” A logs on. Sends user “A”, password “13524” System looks up A’s salt, hashes salted password, compares with stored salted password Someone who discovers A’s salted password can’t use it Can’t tell that A and B have the same password

16 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Nonce Time-dependent value used in challenge-response protocols to prevent replay attack Random numbers, timestamps System sends a nonce, e.g. “1992884665” User sends a hash of username|password|nonce System computes what the hash should be, verifies user Replay fails since the nonce will be different when the attacker tries to gain access Nonce: “for the nonce” means “for the time being,” “just for now”

17 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Data Encryption Standard (DES) Symmetric, key-based encryption-decryption standard. No public keys Block cipher: operates on 64-bit blocks Uses 56-bit key 16 “rounds” -- key for each round is a 48-bit function of the original 56-bit key. Each key bit participates in an average of 14 rounds Reversible (if the keys are known) Fast implementation in hardware: 1 gigabit/second

18 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Encryption “Rounds” X r1r1 Key r2r2 r n-1 rnrn r3r3 Y r n-2 k1k1 k2k2 k n-1 knkn k3k3 k n-2 K KE Key Expansion Round Keys Encryption Rounds r 1 … r n u Key K is expanded to a set of n round keys k i u Input block X undergoes n rounds of operations (each operation is based on value of the n th round key), until it reaches the final round r n u Strength of algorithm: difficulty of going backwards from the intermediate result of round m+1 to round m without knowing the round key r m. SOURCE: MEL TSAI

19 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Data Encryption Standard (DES) 64 BITS OF MESSAGE INPUT PERMUTATION INVERSE OF INPUT PERMUTATION SUBKEYS: EACH IS A 48-BIT FUNCTION OF A 56-BIT KEY OUTPUT: 64 BITS OF ENCRYPTED TEXT LEFT HALF OF BLOCK (32 BITS) f IS A COMPLICATED FUNCTION INVOLVING VARIOUS PERMUTATIONS SOURCE: SCHNEIER, APPLIED CRYPTOGRAPHY

20 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS One Round of DES SOURCE: FORD & BAUM, SECURE ELECTRON IC COMMERCE

21 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Modes of DES Use ECB - Electronic Codebook Mode –Straight DES. Independent groups of 64 bit. Weakness: same 64 bits always encrypts to the same ciphertext CFB - Cipher Feedback Mode –XOR next plaintext block before encrypting CBC - Cipher Block Chaining –encrypt previous output block, XOR with plaintext OFB - Output Feedback Mode –XOR encrypted plaintext with next plaintext block 3DES - Triple DES –Encrypt with K 1, decrypt with K 2, encrypt with K 1 Windows NT uses DES, DES-CBC and 3DES

22 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Cipher Block Chaining Example In ECB mode, the same input text always produces the same output. This creates risk of partial decryption. INITIALIZATION STRING  PLAINTEXT BLOCK 1 DES CIPHERTEXT BLOCK 1  PLAINTEXT BLOCK 2 DES CIPHERTEXT BLOCK 2 etc.

23 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Triple DES Security can be increased by encrypting multiple times with different keys Double DES is not much more secure than single DES because of a “meet-in-the-middle” attack If K 1 = K 2 = K 3 this is just single DES DES ENCRYPT DES ENCRYPT DES DECRYPT PLAINTEXT BLOCK 1 CIPHERTEXT BLOCK 1 K1K1 K2K2 K3K3

24 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS AES, the DES Replacement AES = Advanced Encryption Standard DES has weaknesses: –slow (by modern standards) –weak (can be broken by fast computers) NIST ran a competition to replace DESNIST Winner: Rijndael, invented by Vincent Rijmen and Joan Daeman No patenting allowed Round block cipher of similar structure to DES but faster, more secure

25 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Rijndael Allows 128, 192, and 256-bit key sizes Variable block length: 128, 192, or 256 bits. All nine combinations of key/block length possible. –A block is the smallest data size the algorithm will encrypt Huge speed improvement over DES in both hardware and software implementations –Software: 8416 bytes/sec on a 20MHz 8051 –Software: 53 Mbytes/sec on a 800MHz Pentium –Hardware: currently up to 25 Gbps Each input block is treated as a matrix of bits (rows and columns)

26 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Rijndael Detailed view of round n u Each round consists of: u ByteSub: each 8 bits of input is replaced with a different 8 bits u ShiftRow: each row of the block matrix is cyclically shifted u MixColumn u AddRoundKey ByteSubShiftRowMixColumnAddRoundKey knkn Result from round n-1 Pass to round n+1 SOURCE: MEL TSAI

27 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Rijndael: ByteSub Each byte at the input of a round is transformed as follows: Substitution (“S”)-box: SOURCE: MEL TSAI

28 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Rijndael: ShiftRow Depending on block length, each row of the block is cyclically shifted according to this table: SOURCE: MEL TSAI

29 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Rijndael: MixColumn Each column is multiplied by a fixed polynomial C(x) = ’03’*X 3 + ’01’*X 2 + ’01’*X + ’02’ This corresponds to matrix multiplication b(x) = c(x)  a(x): SOURCE: MEL TSAI

30 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Rijndael: Key Expansion and Addition Each block is XOR’ed with the expanded round key k i SOURCE: MEL TSAI

31 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS One-Way Trapdoor Function A function that is easy to compute Computationally difficult to invert without knowing the secret (the “trapdoor”) Example: f (x, y) = xy Given f (x, y), it is difficult to find either x or y Given f (x, y) and x (the secret), it is easy to find y One-way trapdoor functions can be used in public- key cryptography.

32 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS RSA Encryption Select two large prime numbers p, q (e.g. 1024 bits) Let n = p q Choose a small odd integer e that does not divide m = (p - 1)(q - 1). Then x (p-1)(q-1) = 1 (mod n) Compute d = e -1 (mod m) –That is, d e gives remainder 1 when divided by m –Then x e d = x (mod n) (by Fermat’s “Little” Theorem) Public key is the pair (e, n) Private key is the pair (d, n) Knowing (e, n) is of no help in finding d. Still need p and q, which involves factoring n

33 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS MULTIPLICATION MOD 7 Multiplicative Inverses Over Finite Fields The inverse e -1 of a number e satisfies e -1 e = 1 The inverse of 5 is 1/5 If we only allow numbers from 0 to n-1 (mod n), then for special values of n, each e  0 has a unique inverse 6 2 = 12 WHEN DIVIDED BY 7 GIVES REMAINDER 5 EACH ROW EXCEPT THE ZERO ROW HAS EXACTLY ONE 1 EACH ELEMENT HAS A UNIQUE INVERSE

34 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS RSA Encryption Message M is a number To encrypt message M using key (e, n): Compute C(M) = M e (mod n) To decrypt message C using key (d, n): Compute P(C) = C d (mod n) Note that P(C(M)) = C(P(M)) = (M e ) d (mod n) = M ed (mod n) = M

35 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS RSA Example p = 61; q = 53 n = pq = 3233 (modulus, can be given to others) e = 17 (public exponent, can be given to others) d = 2753 (private exponent, kept secret!) PUBLIC KEY = (3233, 17) PRIVATE KEY = (3233, 2753) To encrypt 123, compute 123 17 (mod 3233) = 337587917446653715596592958817679803 mod 3233 = 855 To decrypt 855, compute 855 2753 (mod 3233) = 123 (intermediate value has 8072 digits) SOURCE: FRANCIS LITTERIOFRANCIS LITTERIO 37 digits

36 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS RSA in One PERL Statement print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*", )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^ *lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc` (uses dc, an Unix arbitrary precision arithmetic package) RSA U.S. patent expired September 20, 2000 SOURCE: ADAM BACKADAM BACK

37 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Major Ideas We need secure hashing algorithms to create message digests SHA has not been cracked (reversed) Encryption algorithms are complex –must be studied carefully (by cryptographers) –subject to sophisticated attacks Symmetric encryption is fast –DES is not secure –3DES will soon not be secure –DES family being replaced with Rijndael Salting defends against dictionary attacks Nonces defend against replay attacks RSA is the principal public-key encryption algorithm

38 20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Q A &

39 Meet-in-the-Middle Attack Exhaustive search for keys to crack 2DES would seem to require testing 2 128 keys Start with (m, c), a plaintext/ciphertext pair Encrypt a two-block plaintext m with all possible 2 64 single DES keys k 1 ; sort the resulting pairs (k 1, c middle ) Decrypt the 2-block ciphertext c with all possible 2 64 single DES keys k 2 ; for each result c middle, check to see whether it occurs in the sorted list If so, (k 1, k 2 ) is a possible key. enc 2DES ((k 1, k 2 ),m) = enc DES (k 2, enc DES (k 1,m)) = enc DES (k 2, c middle1 ) = c This only requires testing 2 64 keys (and sorting them)

Download ppt "20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 5 Epayment Security I."

Similar presentations

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
1 Lecture 3: Secret Key Cryptography Outline concepts DES IDEA AES.

1 Lecture 3: Secret Key Cryptography Outline concepts DES IDEA AES.
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Computer Science CSC 405By Dr. Peng Ning1 CSC 405 Introduction to Computer Security Topic 2. Basic Cryptography (Part II)

Computer Science CSC 405By Dr. Peng Ning1 CSC 405 Introduction to Computer Security Topic 2. Basic Cryptography (Part II)
Web Security for Network and System Administrators1 Chapter 4 Encryption.

Web Security for Network and System Administrators1 Chapter 4 Encryption.
 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.

 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
PIITMadhumita Chatterjee Security 1 Hashes and Message Digests.

PIITMadhumita Chatterjee Security 1 Hashes and Message Digests.
20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 6 Epayment Security II.

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.
Announcements: 1. HW7 due next Tuesday. 2. Inauguration today! Questions? This week: Discrete Logs, Diffie-Hellman, ElGamal Discrete Logs, Diffie-Hellman,

Announcements: 1. HW7 due next Tuesday. 2. Inauguration today! Questions? This week: Discrete Logs, Diffie-Hellman, ElGamal Discrete Logs, Diffie-Hellman,
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
Announcements:Questions? This week: Discrete Logs, Diffie-Hellman, ElGamal Discrete Logs, Diffie-Hellman, ElGamal Hash Functions and SHA-1 Hash Functions.

Announcements:Questions? This week: Discrete Logs, Diffie-Hellman, ElGamal Discrete Logs, Diffie-Hellman, ElGamal Hash Functions and SHA-1 Hash Functions.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.

Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.
ELECTRONIC PAYMENT SYSTEMS 20-763 SPRING 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 4: ePayment Security I.

ELECTRONIC PAYMENT SYSTEMS SPRING 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 4: ePayment Security I.

Similar presentations

Ads by Google