Search

Hash Functions, the MD5 Algorithm and the Future (SHA-3)

Loading...

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

0 comments

Post a comment

    Post a comment
    Embed Video
    Edit your comment Cancel

    Notes on slide 1

    1 Favorite

    Hash Functions, the MD5 Algorithm and the Future (SHA-3) - Presentation Transcript

    1. Hash Functions, the MD5 Algorithm and the Future (SHA-3) Dylan Field, Fall ’08 SSU Math Colloquium
    2. What is a hash?
    3. First, Consider Humpty Dumpty...
    4. Humpty Dumpty sat on a wall.
    5. Humpty Dumpty had a great fall.
    6. All the king’s horses and all the king’s men
    7. Couldn’t put Humpty together again.
    8. X
    9. h(x)
    10. BUT h(x) is a one way function
    11. ... so they can’t put Humpty together again.
    12. x hash function h(x) Humpty falls
    13. ‘ hello’ MD5 x hash function h(x) Humpty falls
    14. 5d41402abc4b ‘ hello’ MD5 2a76b9719d91 1017c592 x hash function h(x) Humpty falls
    15. - going backwards - - sdrawkcab gniog -
    16. - going backwards - - sdrawkcab gniog -
    17. - going backwards - NO!!! - sdrawkcab gniog -
    18. - going backwards - 5d41402abc4b 2a76b9719d91 1017c592 - sdrawkcab gniog -
    19. - going backwards - 5d41402abc4b 2a76b9719d91 1017c592 ‘ hello’ - sdrawkcab gniog -
    20. Requirements h(x)
    21. Requirements h(x) Given h(x) cannot find x 1
    22. Requirements h(x) Given h(x) h(x) is cannot find x constant 1 2
    23. Requirements h(x) Given h(x) h(x) is Can’t find x2 cannot find x constant so h(x2)=h(x1) 1 2 3
    24. Requirement #3 - Humpty Dumpty Style
    25. Requirement #3 - Humpty Dumpty Style ≠
    26. Requirement #3 - Humpty Dumpty Style ≠ ≠ ≠ ≠ .........
    27. so how does it work?
    28. ‘ hello’
    29. 5d41402abc4b2a76b9719d911017c592
    30. we’re going to focus on MD5
    31. 1. Convert ‘x’ to binary
    32. ‘ hello’ 0110100001100101011011000110110001101111
    33. 1. Convert ‘x’ to binary 2. Pad ‘x’ so that size of x (mod 512) = 0
    34. ‘hello’ in binary 0110100001100101011011000110110001101111 1 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 00000 0000000000101000
    35. ‘hello’ in binary 0110100001100101011011000110110001101111 1 add ‘1’ 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 00000 0000000000101000
    36. ‘hello’ in binary 0110100001100101011011000110110001101111 1 add ‘1’ 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0’s until 0000000000 0000000000 0000000000 0000000000 0000000000 x mod 512 = 496 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 00000 0000000000101000
    37. ‘hello’ in binary 0110100001100101011011000110110001101111 1 add ‘1’ 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0’s until 0000000000 0000000000 0000000000 0000000000 0000000000 x mod 512 = 496 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 00000 add 16 bit binary 0000000000101000 representation of x
    38. xpadded = 0110100001100101011011000110110001101111 1 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 00000 0000000000101000
    39. 1. Convert ‘x’ to binary 2. Pad ‘x’ so that size of x (mod 512) = 0 3. Break ‘x’ into 512 bit sub parts and 32 bit words
    40. 0110100001100101011011000110110001101111 1 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 0000000000 00000 0000000000101000 W1 = 01101000011001010110110001101100
    41. 1. Convert ‘x’ to binary 2. Pad ‘x’ so that size of x (mod 512) = 0 3. Break ‘x’ into 512 bit sub parts and 32 bit words 4. Assign values to k[i], r[i], w[g], h0, h1, h2 and h3.
    42. k[i] = |sin(i+1)| x 232 where ‘i’ is in radians
    43. k[i] = |sin(i+1)| x 232 where ‘i’ is in radians r[i] = Various round shift amounts
    44. k[i] = |sin(i+1)| x 232 where ‘i’ is in radians r[i] = Various round shift amounts w[g] = Word number (0 – 15)
    45. k[i] = |sin(i+1)| x 232 where ‘i’ is in radians r[i] = Various round shift amounts w[g] = Word number (0 – 15) h0 = a = 0x67452301 h1 = b = 0xEFCDAB89 h2 = c = 0x98BADCFE h3 = d = 0x10325476
    46. 1. Convert ‘x’ to binary 2. Pad ‘x’ so that size of x (mod 512) = 0 3. Break ‘x’ into 512 bit sub parts and 32 bit words 4. Assign values to k[i], r[i], w[g], h0, h1, h2 and h3. 5. Perform 64 rounds on each sub part
    47. But first... binary operations!
    49. ∧ (AKA ‘AND’)
    50. p q ∧ T T
    51. p q ∧ T T T
    52. p q ∧ T T T T F
    53. p q ∧ T T T T F F
    54. p q ∧ T T T T F F F T
    55. p q ∧ T T T T F F F T F
    56. p q ∧ T T T T F F F T F F F
    57. p q ∧ T T T T F F F T F F F F
    58. In binary: T=1 F=0
    59. p q ∧ T T T T F F F T F F F F
    60. p q ∧ bit 1 bit 2 ∧ T T T 1 1 1 T F F 1 0 0 F T F 0 1 0 F F F 0 0 0
    63. bit 1 bit 2 ∨ 1 1 1 1 0 1 0 1 1 0 0 0
    64. ⊕ “XOR is a type of logical disjunction on two operands that results in a value of “true” if and only if exactly one of the operands has a value of ‘true’”
    65. bit 1 bit 2 ∨ bit 1 bit 2 ⊕ 1 1 1 1 1 F 1 0 1 1 0 T 0 1 1 0 1 T 0 0 0 0 0 F
    66. ¬
    67. ¬ (not)
    68. ¬1=0 ¬0=1
    69. << (bit shift)
    70. 1 0 1 0 1 0
    71. 0 1 0 1 0 0 1 0 1 0 0 0
    72. Remember: a,b,c,d are h0-3
    73. Operation A f = (b ∧ c) ∨ (¬ b ∧ d) g=i
    74. Operation B f = (d ∧ b) ∨ ((¬ d) ∧ c) g = (5i + 1) mod 16
    75. Operation C f=b⊕c⊕d g = (3i + 5) mod 16
    76. Operation D f = c ⊕ (b ∨ (¬ d)) g = (7i) mod 16
    77. A B C D
    78. A B C D
    79. A B C D
    80. B b + {(a + f + k[i] + w[g]) << r[i]}
    81. b + {(a + f + k[i] + w[g]) << r[i]} h1 h0 Calculated in The gth word Operations A-D (32 bit chunk) |sin(i+1)| x 232 ith pre-designated where ‘i’ is in radians shift
    82. After all 64 rounds...
    83. 1. Convert ‘x’ to binary 2. Pad ‘x’ so that size of x (mod 512) = 0 3. Break ‘x’ into 512 bit sub parts and 32 bit words 4. Assign values to k[i], r[i], w[g], h0, h1, h2 and h3. 5. Perform 64 rounds on each sub part 6. Add a, b, c and d to register values
    84. h0 = h0 + a h1 = h1 + b h2 = h2 + c h3 = h3 + d
    85. 1. Convert ‘x’ to binary 2. Pad ‘x’ so that size of x (mod 512) = 0 3. Break ‘x’ into 512 bit sub parts and 32 bit words 4. Assign values to k[i], r[i], w[g], h0, h1, h2 and h3. 5. Perform 64 rounds on each sub part 6. Add a, b, c and d to register values 7. Append the register values to create digest
    86. 128 bit digest
    87. ‘ hello’
    88. 5d41402abc4b2a76b9719d911017c592
    89. So?
    90. Applications
    91. Applications Password Protection
    92. Message Integrity Applications Password Protection
    93. Message Integrity Applications Digital Password Signatures Protection
    94. Password Protection
    95. When you registered... MD5 ‘password’ 5f4dcc3b5aa765d61d8327deb882cf99
    96. When you registered... MD5 ‘password’ 5f4dcc3b5aa765d61d8327deb882cf99 Data Base
    97. ‘password’
    98. MD5 ‘password’
    99. MD5 ‘password’ 5f4dcc3b5aa765d61d8327deb882cf99
    100. 5f4dcc3b5aa765d61d8327deb882cf99 = stored, hashed password?
    101. 5f4dcc3b5aa765d61d8327deb882cf99 = stored, hashed password? No. Give ‘incorrect password’ error
    102. 5f4dcc3b5aa765d61d8327deb882cf99 = stored, hashed password? No. Yes. Give ‘incorrect Let user password’ error into website
    103. Attacks
    104. Rainbow Tables
    105. omgyouarenever 1c9fee8bd70a5afb6 goingtocrackthis 30fc4f38e97123f 123
    106. omgyouarenever 1c9fee8bd70a5afb6 goingtocrackthis 30fc4f38e97123f 123
    107. and Brute Force Attacks
    108. Message Integrity
    109. digest
    110. File Verification
    111. File Verification Guarding against corruption
    112. File Verification Guarding against corruption Proving you have something before you release it
    113. Attacks
    114. Nostradamus Attack
    115. But on November 30th 2007...
    116. “We have used a Sony Playstation 3 to correctly predict the outcome of the 2008 US presidential elections. In order not to influence the voters we keep our prediction secret, but commit to it by publishing its cryptographic hash on this website. The document with the correct prediction and matching hash will be revealed after the elections.” - Marc Stevens, Arjen Lenstra and Benne de Weger
    117. 3D515DEAD7AA1656 0ABA3E9DF05CBC80
    118. But how could they have known!?!?
    119. But how could they have known!?!? They didn’t.
    120. 3D515DEAD7AA1656 0ABA3E9DF05CBC80
    121. Digital Signatures
    122. MD5 hash
    123. MD5 hash private key encrypted
    124. MD5 hash private key hash encrypted public key
    125. MD5 hash private MD5 key hash encrypted public key
    126. MD5 hash private MD5 key hash ✔ encrypted public key
    127. Attacks
    128. Collision Attack
    129. hash private MD5 key hash ✔ encrypted public key
    130. Changed hash Message MD5 hash ✔ encrypted public key
    131. Very Dangerous!
    132. Birthday Attack
    133. Relies on ‘Birthday Paradox’
    134. Relies on ‘Birthday Paradox’ First we calculate the chance no one has the same birthday
    135. p(1)=100%
    136. p(2)=(1)(1 - 1/365)
    137. p(3)=(1)(1 - 1/365)(1 - 2/365)
    138. To Generalize...
    139. P(n)= 365! . 365 n(365-n)!
    140. 23 50% chance
    141. 30 70.6% chance
    142. 50 97% chance
    143. We can use this property to find out how many hashes must be calculated to find a collision.
    144. Current State of MD5
    145. MD5 =
    146. MD5 = Broken
    147. The Future of Hashes
    148. Submissions were due on October 30th
    149. Currently Submitted
    150. Skein Maraca BLAKE MD6 Keccak CubeHash Edon-R Ponic EnRUPT SHAMATA MCSSHA-3 Sgàil Blue Midnight Wish Grøstl ESSENCE WaMM Boole NaSHA NKS2D Waterfall
    151. Skein BLAKE MD6 Maraca Keccak CubeHash Edon-R Ponic EnRUPT SHAMATA MCSSHA-3 Sgàil Blue Midnight Wish Grøstl ESSENCE WaMM Boole NaSHA NKS2D Waterfall
    152. Thank you for coming!
    153. Any Questions?

    + Dylan FieldDylan Field, 11 months ago

    custom

    1426 views, 1 favs, 0 embeds more stats

    This was filmed at the Sonoma State University math more

    More info about this document

    © All Rights Reserved

    Go to text version

    • Total Views 1426
      • 1426 on SlideShare
      • 0 from embeds
    • Comments 0
    • Favorites 1
    • Downloads 57
    Most viewed embeds

    more

    All embeds

    less

    Flagged as inappropriate Flag as inappropriate
    Flag as inappropriate

    Select your reason for flagging this presentation as inappropriate. If needed, use the feedback form to let us know more details.

    Cancel
    File a copyright complaint
    Having problems? Go to our helpdesk?

    Categories

    Tags

    more
    -->
    Search
    RSS Feed
    What's new?

    © 2009 SlideShare Inc. All Rights Reserved