Upcoming SlideShare
×

# Cryprography Assignment

2,405 views
2,098 views

Published on

List cryptographic hash algorithms and list their applications. MD5 hash algorithm discussion.

Published in: Technology, Education
0 Likes
Statistics
Notes
• Full Name
Comment goes here.

Are you sure you want to Yes No
• Be the first to comment

• Be the first to like this

Views
Total views
2,405
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
73
0
Likes
0
Embeds 0
No embeds

No notes for slide

### Cryprography Assignment

1. 1. Daffodil International University Assignment on Cryptography and Information Security 5. List cryptographic hash algorithms and list their applications. Discuss MD5 hash algorithm or any other hash algorithm in detail. Submitted By: Muhammad Ashik Iqbal M.Sc. in CSE ID: 092-25-127 DIU Submission Date: 08August 2009
2. 2. Introduction Cryptographic Hash Algorithms A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the (cryptographic) hash value, such that an accidental or intentional change to the data will change the hash value. The data to be encoded is often called the "message", and the hash value is sometimes called the Message Digest or simply Digest. The ideal cryptographic hash function has four main properties: • It is easy to compute the hash value for any given message. • It is infeasible to find a message that has a given hash. • It is infeasible to modify a message without changing its hash. • It is infeasible to find two different messages with the same hash. Cryptographic hash functions have many information security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables; as fingerprints, to detect duplicate data or uniquely identify files; or as checksums to detect accidental data corruption. Indeed, in information security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, or just hash values, even though all these terms stand for functions with rather different properties and purposes. There is a long list of cryptographic hash functions, although many have been found to be vulnerable and should not be used. Even if a hash function has never been broken, a successful attack against a weakened variant thereof may undermine the experts' confidence and lead to its abandonment. For instance, in August 2004 weaknesses were found in a number of hash functions that were popular at the time, including SHA-0, RIPEMD, and MD5. This has called into question the long-term security of later algorithms which are derived from these hash functions in particular, SHA-1 (a strengthened version of SHA-0), RIPEMD-128, and RIPEMD-160 (both strengthened versions of RIPEMD). Neither SHA-0 nor RIPEMD are widely used since they were replaced by their strengthened versions.
3. 3. As of 2009, the two most commonly used cryptographic hash functions are MD5 and SHA-1. However, MD5 has been broken; an attack against it was used to break SSL in 2008. SHA-0 and SHA-1 are members of the SHA family of hash functions developed by the NSA. In February 2005, a successful attack on SHA-1 was reported, finding collisions in about 269 hashing operations, rather than the 280 expected for a 160-bit hash function. In August 2005, another successful attack on SHA-1 was reported, finding collisions in 263 operations. Theoretical weaknesses of SHA-1 exist as well, suggesting that it may be practical to break within years. Most recently, in June 2009 an attack on SHA-1 was found which can theoretically find a collision in 252 operations. New applications can avoid these problems by using more advanced members of the SHA family, such as SHA-2, or using techniques such as randomized hashing that do not require collision resistance. However, to ensure the long-term robustness of applications that use hash functions, there is a competition to design a replacement for SHA-2, which will be given the name SHA-3 and become a FIPS standard around 2012. Some of the following algorithms are known to be insecure; consult the article for each specific algorithm for more information on the status of each algorithm. Note that this list does not include candidates in the current NIST hash function competition. For additional hash functions see the box at the bottom of the page. List of Hash Algorithms Collision Internal Block Length Word Algorithm Output size (bits) attacks state size size size size (complexity) HAVAL 256/224/192/160/128 256 1024 64 32 Yes MD2 128 384 128 No 8 Almost MD4 128 128 512 64 32 Yes (28) MD5 128 128 512 64 32 Yes (25) PANAMA 256 8736 256 No 32 Yes RadioGatún Arbitrarily long 58 words 3 words No 1-64 Yes RIPEMD 128 128 512 64 32 Yes RIPEMD-128/2 128/256 128/256 512 64 32 No 56 RIPEMD-160/3 160/320 160/320 512 64 32 No 20 SHA-0 160 160 512 64 32 Yes (239) SHA-1 160 160 512 64 40 With flaws (252) SHA-256/224 256/224 256 512 64 32 No SHA-512/384 512/384 512 1024 128 64 No Tiger(2)-192/1 192/160/128 192 512 64 64 No 60/128
4. 4. WHIRLPOOL 512 512 512 256 8 No