1. Cryptographic Hash Functions

2. Introduction
A cryptographic hash function is a hash function; that is, an algorithm that takes an arbitrary block of data and returns a fixed-size bit string, the (cryptographic) hash value, such that any (accidental or intentional) change to the data will (with very high probability) change the hash value.
The data to be encoded are often called the "message," and the hash value is sometimes called the message digest or simply digest.

3. The ideal cryptographic hash function has four main properties
It is easy to compute the hash value for any given message
It is infeasible to generate a message that has a given hash
It is infeasible to modify a message without changing the hash
It is infeasible to find two different messages with the same hash

4. There are several well-known hash functions in use today:
Hashed Message Authentication Code (HMAC): Combines authentication via a shared secret with hashing.
Message Digest 2 (MD2): Byte-oriented, produces a128-bit hash value from an arbitrary-length message, designed for smartcards.
MD4: Similar to MD2, designed specifically for fast processing in software.
MD5: Similar to MD4 but slower because the data ismanipulated more. Developed after potential weaknesses were reported inMD4.
Secure Hash Algorithm (SHA): Modeled after MD4 and proposed by NIST forthe Secure Hash Standard (SHS), produces a 160-bit hash value.

5. Merkle-Damgard Scheme
A hash function must be able to process an arbitrary-length message into a fixed-length output.
This can be achieved by breaking the input up into a series of equal-sized blocks, and operating on them in sequence using a one-way compression function.
The compression function can either be specially designed for hashing or be built from a block cipher.
A hash function built with the Merkle–Damgård construction is as resistant to collisions as is its compression function; any collision for the full hash function can be traced back to a collision in the compression function.

6. Cont..,
The last block processed should also be unambiguously length padded; this is crucial to the security of this construction. This construction is called the Merkle–Damgard construction. Most widely used hash functions, including SHA-1 and MD5, take this form.
The construction has certain inherent flaws, including length-extension and generate-and-paste attacks, and cannot be parallelized. As a result, many entrants in the current NIST hash function competition are built on different, sometimes novel, constructions.

7. Merkle-Damgard Scheme
Figure Merkle-Damgard scheme

8. Crypto Hash Function Design
Desired property: avalanche effect
Any change to input affects lots of output bits
Crypto hash functions consist of some number of rounds
Analogous to block cipher in CBC mode
Want security and speed
Avalanche effect after few rounds
But simple rounds

9. Crypto Hash Function Design
Input data split into blocks
Compression function applied to blocks
Current block and previous block output
Output for last block is the hash value
For hashes we consider
Block size is 512 bits
Compression function output is 128 bits

10. Rabin Scheme

11. Davies-Meyer Scheme

12. Matyas-Meyer-Oseas Scheme

13. Miyaguchi-Preneel Scheme

14. Applications for hashes
We can use a hash any time we want to prove message integrity. Hash values have been important in incident response for a long time. They can be used to put a "tamper proof seal" on digital evidence as it is collected. For instance, many incident responders prefer Polaroid cameras since digital photos can be easily altered. However, digital cameras are much more convenient, so best practice is to make a hash of the digital photo as soon as possible to reduce the time window on ecould claim the photo was altered. Some cameras such as Nikon D200 and beyond have the ability to "authenticate" the images they shoot; this, of course, is done with a hash.

15. The End
Thank you