Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptographic Hash Functions

Published bySurya Sugiarto Modified over 5 years ago

Similar presentations

Presentation on theme: "Cryptographic Hash Functions"— Presentation transcript:

1 Cryptographic Hash Functions
CS 465 Cryptographic Hash Functions Last Updated: Sep 19, 2017

2 Message Digests Input to a hash function is called a pre-image
Output of a hash function is a message digest d, also known as hash codes or hash values Sort of like a message fingerprint/footprint Cryptographic hash functions are ONE-way They cannot be inverted

3 Properties of a Hash Function (H)
H can be applied to a block of data of any size H produces a fixed-length output H(x) is relatively easy to compute for any given x For any given value h, it is computationally infeasible to find x such that H(x) = h For any given block x, it is computationally infeasible to find y ≠ x with H(y) = H(x) It is computationally infeasible to find any pair (x, y) such that H(x) = H(y) (one-way) (weak collision resistance) (strong collision resistance)

4 Attacks on Hash Functions
First pre-image attack Given a digest d, find a message m such that H(m) = d Think property #4 Second pre-image attack Given a message m1, find a different message m2 such that H(m2) = H(m1) Cost: 2n where n = # of digest bits Think property #5 Collisions Two messages both hash to the same value Birthday Attack Given n-bit digest, birthday attack says that we’ll find a match after 2n/2 attempts Think property #6 253 people in a room Odds are good that one of them shares a birthday with you 23 people in a room Odds are good that two people share a birthday

5 Useful Applications of Hashes
Human-readable method to compare/verify data File downloads Before learning suite, we used to have students in a hash of their projects Chaining events together – blockchain (think Bitcoin) Digital signatures and message authentication codes Fundamental building block of many secure protocols Schneier (Secrets and Lies) – “They are probably the single most useful tool in a cryptographer’s toolbox”

6 SHA-1 Hash Function The following diagrams illustrates how SHA-1 is implemented SHA-1 is implemented using the Merkle-Damgård construction See It is important to understand the details of this implementation in order to understand the MAC attack discussed later and the MAC attack lab

7 Merkle-Damgård Construction

8 64 bits

9 MAC attack regions of interest
64 bits MAC attack regions of interest

10 MD5 and SHA MD5 SHA-0 SHA-1 SHA-2 SHA-3
Completely broken – collisions found SHA-0 SHA-1 Weaknesses discovered, not recommended for new apps after 2010 SHA-2 ok to use, no known flaws SHA-3 Subset of Keccak (pronounce ketchak) New government standard in 2015 based on a competition (like AES) Completely different construction than prior SHA variants Does not use Merkle-Damgard construction – uses a sponge construction A defense in the event that SHA2 collapses See comparison chart

11 Lecture Notes See articles about SHA-1 collsions
2005 – Chinese researchers discovered first SHA-1 collisions faster than brute force (2^69) 2017 – Google can generate pdf files with the same SHA-1 hash 100,000 times faster than brute force

Download ppt "Cryptographic Hash Functions"

Similar presentations

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.

Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.
Information Security and Management 11

Information Security and Management 11
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Hash Functions Nathanael Paul Oct. 9, 2002. Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)

Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
CS526Topic 5: Hash Functions and Message Authentication 1 Computer Security CS 526 Topic 5 Cryptography: Cryptographic Hash Functions And Message Authentication.

CS526Topic 5: Hash Functions and Message Authentication 1 Computer Security CS 526 Topic 5 Cryptography: Cryptographic Hash Functions And Message Authentication.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.

1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
HASH Functions.

HASH Functions.
Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.

Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.
Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.

Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.
Dan Johnson. What is a hashing function? Fingerprint for a given piece of data Typically generated by a mathematical algorithm Produces a fixed length.

Dan Johnson. What is a hashing function? Fingerprint for a given piece of data Typically generated by a mathematical algorithm Produces a fixed length.
IS 302: Information Security and Trust Week 5: Integrity 2012.

IS 302: Information Security and Trust Week 5: Integrity 2012.
Lecture 4.1: Hash Functions, and Message Authentication Codes CS 436/636/736 Spring 2015 Nitesh Saxena.

Lecture 4.1: Hash Functions, and Message Authentication Codes CS 436/636/736 Spring 2015 Nitesh Saxena.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Modern Cryptography.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Modern Cryptography.
Cryptographic Hash Functions Prepared by Dr. Lamiaa Elshenawy

Cryptographic Hash Functions Prepared by Dr. Lamiaa Elshenawy
Cryptography and Network Security (CS435) Part Nine (Message Authentication)

Cryptography and Network Security (CS435) Part Nine (Message Authentication)

Similar presentations

Ads by Google