Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptographic Hash Functions

Published byAudra Stevenson Modified over 5 years ago

Similar presentations

Presentation on theme: "Cryptographic Hash Functions"— Presentation transcript:

1 Cryptographic Hash Functions
Beyond CRCs

2 Hash functions A hash function is a mathematical, efficiently computable function that has fixed size output: F : {0, 1}N  {0,1}n , where N > n F: {0, 1}*  {0,1}n In cryptography, the first type of hash function is often called a compression function, with the name hash function reserved for the unbounded domain type.

3 Checksums and CRCs Used to provide integrity checks against random faults. Not sufficient for protection against malicious or intentional modification. Easy to make changes and re-compute the CRC to match. In the past, it was believed that the use of CRCs within encryption was sufficient to provide integrity. However, that is no longer considered adequate: Example: The use of CRCs in the WEP protocol resulted in a serious vulnerability, allowing for powerful active attacks.

4 Cryptographic hash functions
There security of hash functions is defined empirically, if the following problems are found to be computationally infeasible: One way: Given y, find x such that h(x) = y Second pre-image resistant: Given x, find y x such that h(x) = h(y) Collision-resistant: Find y, x, with y x such that h(x) = h(y)

5 Constructing hash functions
Since constructing secure hash functions is a difficult problem, the following approach has been taken in practice: Construct a good compression function. Since the domain of compression functions are “small” they are easier to test for the desired properties. Use the MD construction (next) to turn a one-way, collision-resistant compression function into a hash function with similar properties.

6 Merkle-Damgard (MD) Here F() is a compression function, and the MD construction transforms it into a hash function on larger blocks: H(M_1) = F(IV, M_1) H(M_1 || M_2) = F(H(M_1),M_2) = F(F(IV, M_1), M_2), and so forth

7 Applications of Hash Functions
System integrity protection: For password verification, eliminating the need to keep passwords As building blocks for message authentication codes (MACs) and digital signature algorithms. File system integrity checks against intrusion detection must use secure hashes instead of regular checksums. They can then be stored in a separate database for detection of unauthorized modifications to the file system configuration

8 Message-extension attacks
Since most hash functions are built using the Merkle-Damgard construction, they are vulnerable to length-extension attacks: Given h(M) and length of M = len(M) and adversary can find h(M || M’) for chosen M’. To prevent this, MAC should be used instead of hashes to provide integrity of message transmission.

9 Message Authentication Codes
Message authentication codes, like block ciphers, are symmetrically-keyed cryptographic primitives. Like cryptographic hash functions, MACs take arbitrary-length input and produce a fixed length output. Not invertible. Require a key.

10 Using MACs M M MAC Sender Receiver K M, T T T’
The verification succeeds if the re-computed tag T’ equals the original tag T. M M T T’

11 Building MACs from hash functions
HMAC is a MAC from hash functions. Let h be the hash function. Assume L = block length of compression function input Let K be the key, K’ be the key padded with 0’s to length L. HMAC(K, M) = h(K’opad || h(K’ipad||M) ) ipad = 0x opad = 0x5c5c5c...5c5c (both of length L)

Download ppt "Cryptographic Hash Functions"

Similar presentations

Lecture 5: Cryptographic Hashes

Lecture 5: Cryptographic Hashes
Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Cryptography and Network Security Chapter 11. Chapter 11 – Message Authentication and Hash Functions At cats' green on the Sunday he took the message.

Cryptography and Network Security Chapter 11. Chapter 11 – Message Authentication and Hash Functions At cats' green on the Sunday he took the message.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown/Mod. & S. Kondakci.

Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown/Mod. & S. Kondakci.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.

1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.

Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.
HASH Functions.

HASH Functions.
Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.

Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester 2008-2009 ITGD 2202 University of Palestine.

Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
1 Chapter 11: Message Authentication and Hash Functions Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

1 Chapter 11: Message Authentication and Hash Functions Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,
Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.

Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.
EE515/IS523 Think Like an Adversary Lecture 4 Crypto in a Nutshell Yongdae Kim.

EE515/IS523 Think Like an Adversary Lecture 4 Crypto in a Nutshell Yongdae Kim.
Message Authentication Code July 2011. Message Authentication Problem  Message Authentication is concerned with:  protecting the integrity of a message.

Message Authentication Code July Message Authentication Problem  Message Authentication is concerned with:  protecting the integrity of a message.
Lecture 4.1: Hash Functions, and Message Authentication Codes CS 436/636/736 Spring 2015 Nitesh Saxena.

Lecture 4.1: Hash Functions, and Message Authentication Codes CS 436/636/736 Spring 2015 Nitesh Saxena.

Similar presentations

Ads by Google