SlideShare a Scribd company logo

Is unit 5_message authentication and hash functions

Sarthak Patel
Sarthak Patel
TechnologyEducation
1 of 47
Download to read offline
Chapter 5:Chapter 5:Chapter 5:Chapter 5:---- Message Authentication and Hash Functions Sarthak Patel, (www.sarthakpatel.in)
Outline Authentication Requirement, Functions, MessageAuthentication Code, Hash Functions, Security Of Hash Functions And Macs MD5 Message Digest Algorithm, Secure HashAlgorithm Sarthak Patel (www.sarthakpatel.in)2 Secure HashAlgorithm Ripemd-160 Hmac
Authentication Requirements 1. Disclosure: Release of message contents to any person or process not possessing the appropriate cryptographic key. 2. Traffic analysis: Discovery of the pattern of traffic between parties. In a connection-oriented application, the frequency and duration of connections could be determined. In either a connection-oriented or connectionless environment, the number and length of messages Sarthak Patel (www.sarthakpatel.in)3 connectionless environment, the number and length of messages between parties could be determined. 3. Masquerade: Insertion of messages into the network from a fraudulent source. This includes the creation of messages by an opponent that are supposed to come from an authorized entity. Also included are fraudulent acknowledgments of message receipt or nonreceipt by someone other than the message recipient.
Contd… 4. Content modification: Changes to the contents of a message, including insertion, deletion, transposition, and modification. 5. Sequence modification: Any modification to a sequence of messages between parties, including insertion, deletion, and reordering. Sarthak Patel (www.sarthakpatel.in)4 6. Timing modification: Delay or replay of messages. In a connection-oriented application, an entire session or sequence of messages could be a replay of some previous valid session, or individual messages in the sequence could be delayed or replayed. In a connectionless application, an individual message (e.g., datagram) could be delayed or replayed.
Contd… 7. Source repudiation: Denial of transmission of message by source. 8. Destination repudiation: Denial of receipt of message by destination. Sarthak Patel (www.sarthakpatel.in)5
Message Authentication Function message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution) Sarthak Patel (www.sarthakpatel.in)6 three alternative functions used: message encryption message authentication code (MAC) hash function
Message Encryption message encryption by itself also provides a measure of authentication if symmetric encryption is used then: receiver know sender must have created it since only sender and receiver now key used Sarthak Patel (www.sarthakpatel.in)7 since only sender and receiver now key used So, content cannot of been altered Provides both: sender authentication and message authenticity.
Message Encryption if public-key encryption is used: encryption provides no confidence of sender since anyone potentially knows public-key however if sender signs message using his private-key Sarthak Patel (www.sarthakpatel.in)8 sender signs message using his private-key then encrypts with recipients public key have both secrecy and authentication but at cost of two public-key uses on message
Sarthak Patel (www.sarthakpatel.in)9
Message Authentication Code (MAC) a small fixed-sized block of data: depends on both message and a secret key like encryption though need not be reversible appended to message as a signature Sarthak Patel (www.sarthakpatel.in)10 receiver performs same computation on message and checks it matches the MAC provides assurance that message is unaltered and comes from sender
Message Authentication Code This technique assumes that two communicating parties, say A and B, share a common secret key K. When A has a message to send to B, it calculates the MAC as a function of the message and the key: MAC = C(K, M), where M= input message C= MAC function Sarthak Patel (www.sarthakpatel.in)11 C= MAC function K= shared secret key MAC= message authentication code
Message Authentication Codes MAC provides authentication Message can be encrypted for secrecy generally use separate keys for each can compute MAC either before or after encryption is generally regarded as better done before Sarthak Patel (www.sarthakpatel.in)12 is generally regarded as better done before why use a MAC? sometimes only authentication is needed sometimes need authentication to persist longer than the encryption
Mac Encryption The receiver is assured that the message is from the alleged sender. Because no one else knows the secret key, no one else could prepare a message with a proper MAC. Sarthak Patel (www.sarthakpatel.in)13
MAC Properties a MAC is a cryptographic checksum MAC = CK(M) C is a function condenses a variable-length message M using a secret key K to a fixed-sized authenticator Sarthak Patel (www.sarthakpatel.in)14 to a fixed-sized authenticator many-to-one function potentially many messages have same MAC but finding these needs to be very difficult
Requirements for MACs MAC needs to satisfy the following: 1. knowing a message and MAC, is infeasible to find another message with same MAC 2. MACs should be uniformly distributed Sarthak Patel (www.sarthakpatel.in)15 2. MACs should be uniformly distributed 3. MAC should depend equally on all bits of the message
Hash Functions A hash function is like a MAC condenses arbitrary message to fixed size h = H(M) usually assume that the hash function is public and not keyed Sarthak Patel (www.sarthakpatel.in)16 keyed -note that a MAC is keyed hash used to detect changes to message can use in various ways with message most often to create a digital signature
Hash Functions & Digital Signatures Only the hash code is encrypted, using public-key encryption and using the sender's private key.As with (b), this provides authentication. It also provides a digital signature. Sarthak Patel (www.sarthakpatel.in)17
Requirements for Hash Functions 1. can be applied to any size message M 2. produces a fixed-length output h 3. is easy to compute h=H(M) for any message M 4. given h is infeasible to find x s.t. H(x)=h 5. given x is infeasible to find y s.t. H(y)=H(x) Sarthak Patel (www.sarthakpatel.in)18 5. given x is infeasible to find y s.t. H(y)=H(x) 6. is infeasible to find any x,y s.t. H(y)=H(x)
Simple Hash Functions are several proposals for simple functions based on XOR of message blocks -divide the message into equal size blocks -perform XOR operation block by block -final output is the hash Sarthak Patel (www.sarthakpatel.in)19 -final output is the hash not very secure need a stronger cryptographic function
Security of Hash Functions andSecurity of Hash Functions andSecurity of Hash Functions andSecurity of Hash Functions and MacsMacsMacsMacs Attacks on hash functions and MACs into two categories: BruteBrute--force attacksforce attacks Cryptanalysis.Cryptanalysis. Sarthak Patel (www.sarthakpatel.in)20
BruteBruteBruteBrute----Force AttacksForce AttacksForce AttacksForce Attacks Hash Functions: In hash functions there are three desirable properties One-way: For any given code h, it is computationally infeasible to find x such that H(x) = h. Weak collision resistance: For any given block x, it is Sarthak Patel (www.sarthakpatel.in)21 Weak collision resistance: For any given block x, it is computationally infeasible to find y≠x with H(y) = H(x). Strong collision resistance: It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). For a hash code of length n, the level of effort required, as we have seen is proportional to the following:
Contd… Message Authentication Codes A brute-force attack on a MAC is a more difficult undertaking because it requires known message-MAC pairs. Let us see why this is so. To attack a hash code, we can proceed in the following way. Given a fixed message x with n-bit hash code h = H(x), a brute- Sarthak Patel (www.sarthakpatel.in)22 force method of finding a collision is to pick a random bit string y and check if H(y) = H(x). The attacker can do this repeatedly off line. Whether an off-line attack can be used on a MAC algorithm depends on the relative size of the key and the MAC.
Contd… If an attacker can determine the MAC key, then it is possible to generate a valid MAC value for any input x. Suppose the key size is k bits and that the attacker has one known text-MAC pair. Then the attacker can compute the n-bit MAC on the known text for all possible keys. At least one key is guaranteed to produce the correct MAC, namely, the valid key that was Sarthak Patel (www.sarthakpatel.in)23 to produce the correct MAC, namely, the valid key that was initially used to produce the known text-MAC pair. This phase of the attack takes a level of effort proportional to 2k.
CryptanalysisCryptanalysisCryptanalysisCryptanalysis As with encryption algorithms, cryptanalytic attacks on hash functions and MAC algorithms seek to exploit some property of the algorithm to perform some attack other than an exhaustive search. The way to measure the resistance of a hash or MAC algorithm to cryptanalysis is to compare its Sarthak Patel (www.sarthakpatel.in)24 hash or MAC algorithm to cryptanalysis is to compare its strength to the effort required for a brute-force attack. That is, an ideal hash or MAC algorithm will require a cryptanalytic effort greater than or equal to the brute-force effort.
Cryptanalysis Hash Functions The hash function takes an input message and partitions it into L fixed-sized blocks of b bits each. If necessary, the final block is padded to b bits. The final block also includes the value of the total length of the input to the hash function. The inclusion of the length Sarthak Patel (www.sarthakpatel.in)25 makes the job of the opponent more difficult. Message Authentication Codes There is much more variety in the structure of MACs than in hash functions, so it is difficult to generalize about the cryptanalysis of MACs. Further, far less work has been done on developing such attacks.
Message Digests(Hash) A message digest is a fingerprint or the summary of a message. (Same as LRC and CRC) It is used to verify integrity of the data (To ensure that message has not been tampered). Ex. LRC- parity checking Sarthak Patel (www.sarthakpatel.in)26 Ex. LRC- parity checking
Idea of a Message Digest Ex: Calculate the message digest of number 7391743 Multiply each digit in the number with the next digit (excluding if it is 0) and disregarding the first digit of the multiplication operation, it the result is two-digit number. Sarthak Patel (www.sarthakpatel.in)27
Calculate MD for 7391743 Multiply 7 by 3 - 21 Discard first digit - 1 Multiply 1 by 9 - 9 Multiply 9 by 1 - 9 Multiply 9 by 7 - 63 Sarthak Patel (www.sarthakpatel.in)28 Multiply 9 by 7 - 63 Discard first digit - 3 Multiply 3 by 4 - 12 Discard first digit - 2 Multiply 2 by 3 - 6 Message digest is 6
MD5 (Message Digest 5) MD5 is a message digest algorithm developed by Ron Rivest. MD5 algorithm can be used as a digital signature mechanism. Sarthak Patel (www.sarthakpatel.in)29
Description of the MD5 Algorithm Takes as input a message of arbitrary length and produces as output a 128 bit “fingerprint” or “message digest” of the input. It it is computationally infeasible to produce two messages having the same message digest. Sarthak Patel (www.sarthakpatel.in)30 having the same message digest. Intended where a large file must be “compressed” in a secure manner before being encrypted with a private key under a public-key cryptosystem such as PGP.
MD5 Algorithm Suppose a b-bit message as input, and that we need to find its message digest. Step-1 Padding Step-2Append length Sarthak Patel (www.sarthakpatel.in)31 Step-2Append length Step-3 Divide the input into 512-bit blocks. Step-4 Initialize chaining variables (4 variables) Step-5 Process blocks
Step-1 MD5 is to add padding bits to the original message. The aim of this step is make length of the original message equal to a value, which is 64 bits less than an exact multiple of 512. Ex: 1000 bits of message (1000+472+64) Sarthak Patel (www.sarthakpatel.in)32 Ex: 1000 bits of message (1000+472+64) The padding consists of a single “1” bit is appended to the message, and then “0” bits.
Step 2 – append length: A 64 bit representation of b is appended to the result of the previous step. The resulting message has a length that is an exact multiple of 512 bits Sarthak Patel (www.sarthakpatel.in)33
Step-3 Divide the input into 512-bit blocks Data to be hashed (Digested) 1536 bits Sarthak Patel (www.sarthakpatel.in)34 512 bits 512 bits 512 bits
Step-4 Initialize chaining variables A four-word buffer (A,B,C,D) is used to compute the message digest. Here each of A,B,C,D, is a 32 bit register. Sarthak Patel (www.sarthakpatel.in)35
Step-5 Process blocks 5.1 – Copy the four variables (32*4 = 128) 5.2 – Divide the 512- bit block into 16 sub-blocks. 512 bits Sarthak Patel (www.sarthakpatel.in)36 5.3 – Process each block with A, B, C, D. 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 512 bits
5.3 - Process each block with A, B, C, D. Sarthak Patel (www.sarthakpatel.in)37
Secure Hash Algorithm (SHA) SHA-1 produces a hash value of 160 bits. SHA is designed to be computationally infeasible to: Obtain the original message Find two message producing the same MD. Sarthak Patel (www.sarthakpatel.in)38
Types(Versions) of SHA Sarthak Patel (www.sarthakpatel.in)39
Algorithm Step-1 Padding Step-2Append length Step-3 Divide the input into 512-bit blocks. Step-4 Initialize chaining variables (5 varibles) Step-5 Process blocks Sarthak Patel (www.sarthakpatel.in)40 Step-5 Process blocks
5.3- Process each block with A, B, C, D, E. Sarthak Patel (www.sarthakpatel.in)41
Comparison of MD5 & SHA-1 Points of Discussion MD5 SHA-1 MD length in bits 128 160 Attack try to find MD 2128 2160 Sarthak Patel (www.sarthakpatel.in)42 MD Attack try to find two messages producing same message digest 264 280 Speed Faster Slower
RACE Integrity Primitives Evaluation Message Digest (RIPEMD-160) RIPEMD is a cryptographic hash based upon MD4. It's been shown to have weaknesses and has been replaced by RIPEMD-128 and RIPMD-160. These are cryptographic hash functions designed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel. Sarthak Patel (www.sarthakpatel.in)43 Bosselaers, and Bart Preneel. RIPEMD-160 produces a hash of the same length as SHA1 but is slightly slower. RIPEMD-128 has been designed as a drop-in replacement for MD4/MD5 whilst avoiding some of the weaknesses shown for these two algorithms. It is about half the speed of MD5.
HMAC(HashHMAC(HashHMAC(HashHMAC(Hash----Based MAC)Based MAC)Based MAC)Based MAC) HMAC has been chosen as a security implementation for Internet Protocol (IP) and Secure Socket Layer(SSL), widely used in internet. The fundamental idea of HMAC is to reuse the existing MD5 or SHA-1. Sarthak Patel (www.sarthakpatel.in)44 SHA-1.
Original message Existing MD5 or SHA-1 MD Encrypt HMA C Sarthak Patel (www.sarthakpatel.in)4 5 K
How HMAC works? MD- Message Digest/ Hash function M – Input message ipad-A string 00110110 repeated b/8 times opqd-A string 01011010 repeated b/8 times Sarthak Patel (www.sarthakpatel.in)46
How HMAC works? Step-1 Make the length of K equal to b Length K<b (Append 0 – left side) Length K=b (Step -2) Length K>b (Hash K reduce its length to b) Step- 2 XOR K with ipad to produce S1 Sarthak Patel (www.sarthakpatel.in)47 Step- 2 XOR K with ipad to produce S1 Step -3Append M to S1 Step -4 Message Digest algorithm Step -5 XOR K with opad to produce S2 Step -6Append H toS2 Message DigestAlgorithm

Recommended

Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
IP Security
IP SecurityIP Security
IP SecurityKeshab Nath
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash functionMijanur Rahman Milon
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacyPawan Arya
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authenticationchauhankapil
 

Recommended

Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
IP Security
IP SecurityIP Security
IP SecurityKeshab Nath
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash functionMijanur Rahman Milon
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacyPawan Arya
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authenticationchauhankapil
 
Message authentication
Message authenticationMessage authentication
Message authenticationCAS
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography pptOECLIB Odisha Electronics Control Library
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHMShashank Shetty
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
IPSec Overview
IPSec OverviewIPSec Overview
IPSec Overviewdavisli
 
Hash Function
Hash FunctionHash Function
Hash Functionstalin rijal
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Elliptic curve cryptography
Elliptic curve cryptographyElliptic curve cryptography
Elliptic curve cryptographyCysinfo Cyber Security Community
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithmSunita Kharayat
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Packet sniffers
Packet sniffers Packet sniffers
Packet sniffers Ravi Teja Reddy
 
Icmp
IcmpIcmp
IcmpPrincipal,Guru Nanak Institute of Technology, Nagpur
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIMESou Jana
 
Authentication methods
Authentication methodsAuthentication methods
Authentication methodssana mateen
 
Ike
IkeIke
Ikeshashi712
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
The MD5 hashing algorithm
The MD5 hashing algorithmThe MD5 hashing algorithm
The MD5 hashing algorithmBob Landstrom
 

More Related Content

What's hot

Message authentication
Message authenticationMessage authentication
Message authenticationCAS
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
IPSec Overview
IPSec OverviewIPSec Overview
IPSec Overviewdavisli
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithmSunita Kharayat
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIMESou Jana
 
Authentication methods
Authentication methodsAuthentication methods
Authentication methodssana mateen
 

What's hot (20)

Message authentication
Message authenticationMessage authentication
Message authentication
 
block ciphers
block ciphersblock ciphers
block ciphers
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication Codes
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notes
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash function
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)
 
IPSec Overview
IPSec OverviewIPSec Overview
IPSec Overview
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Elliptic curve cryptography
Elliptic curve cryptographyElliptic curve cryptography
Elliptic curve cryptography
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithm
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
Packet sniffers
Packet sniffers Packet sniffers
Packet sniffers
 
Icmp
IcmpIcmp
Icmp
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIME
 
Authentication methods
Authentication methodsAuthentication methods
Authentication methods
 
Ike
IkeIke
Ike
 

Viewers also liked

Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
The MD5 hashing algorithm
The MD5 hashing algorithmThe MD5 hashing algorithm
The MD5 hashing algorithmBob Landstrom
 
Message digest & digital signature
Message digest & digital signatureMessage digest & digital signature
Message digest & digital signatureDinesh Kodam
 
71. el espacio del saber
71. el espacio del saber71. el espacio del saber
71. el espacio del saberdec-admin
 
DHHI--Marvellous Metal Fabrication Manufacturer
DHHI--Marvellous Metal Fabrication ManufacturerDHHI--Marvellous Metal Fabrication Manufacturer
DHHI--Marvellous Metal Fabrication ManufacturerGraceshi0722
 
K0330 1216769628337883-9
K0330 1216769628337883-9K0330 1216769628337883-9
K0330 1216769628337883-9Tony Chen
 
Triz nfs-slide-part3
Triz nfs-slide-part3Triz nfs-slide-part3
Triz nfs-slide-part3NFSTRIZ
 
апк контроль
апк контрольапк контроль
апк контрольswatchel
 
Karimanal thrml co_design_itherm2010_final
Karimanal thrml co_design_itherm2010_finalKarimanal thrml co_design_itherm2010_final
Karimanal thrml co_design_itherm2010_finalKamal Karimanal
 
339.rescatando espacios
339.rescatando espacios339.rescatando espacios
339.rescatando espaciosdec-admin
 
Insurance company
Insurance companyInsurance company
Insurance companyastoeckling
 
152. juntos cambiemos la cara de mi escuela
152. juntos cambiemos la cara de mi escuela152. juntos cambiemos la cara de mi escuela
152. juntos cambiemos la cara de mi escueladec-admin
 

Viewers also liked (20)

Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 Algorithm
 
The MD5 hashing algorithm
The MD5 hashing algorithmThe MD5 hashing algorithm
The MD5 hashing algorithm
 
Hash function
Hash function Hash function
Hash function
 
Message digest & digital signature
Message digest & digital signatureMessage digest & digital signature
Message digest & digital signature
 
71. el espacio del saber
71. el espacio del saber71. el espacio del saber
71. el espacio del saber
 
DHHI--Marvellous Metal Fabrication Manufacturer
DHHI--Marvellous Metal Fabrication ManufacturerDHHI--Marvellous Metal Fabrication Manufacturer
DHHI--Marvellous Metal Fabrication Manufacturer
 
Spinfinityrussian
SpinfinityrussianSpinfinityrussian
Spinfinityrussian
 
Sección 2. ordenamiento jurídico superior
Sección 2. ordenamiento jurídico superiorSección 2. ordenamiento jurídico superior
Sección 2. ordenamiento jurídico superior
 
K0330 1216769628337883-9
K0330 1216769628337883-9K0330 1216769628337883-9
K0330 1216769628337883-9
 
Triz nfs-slide-part3
Triz nfs-slide-part3Triz nfs-slide-part3
Triz nfs-slide-part3
 
апк контроль
апк контрольапк контроль
апк контроль
 
Unidad 3 sección 3
Unidad 3 sección 3Unidad 3 sección 3
Unidad 3 sección 3
 
Karimanal thrml co_design_itherm2010_final
Karimanal thrml co_design_itherm2010_finalKarimanal thrml co_design_itherm2010_final
Karimanal thrml co_design_itherm2010_final
 
Shades[1]
Shades[1]Shades[1]
Shades[1]
 
Unidad 3 sección 4
Unidad 3 sección 4Unidad 3 sección 4
Unidad 3 sección 4
 
Fusaro slideshow
Fusaro slideshowFusaro slideshow
Fusaro slideshow
 
339.rescatando espacios
339.rescatando espacios339.rescatando espacios
339.rescatando espacios
 
Insurance company
Insurance companyInsurance company
Insurance company
 
Sección 1a. unidad 9
Sección 1a. unidad 9Sección 1a. unidad 9
Sección 1a. unidad 9
 
152. juntos cambiemos la cara de mi escuela
152. juntos cambiemos la cara de mi escuela152. juntos cambiemos la cara de mi escuela
152. juntos cambiemos la cara de mi escuela
 

Similar to Is unit 5_message authentication and hash functions

Meessage authentication and hash functions.pptx
Meessage authentication and hash functions.pptxMeessage authentication and hash functions.pptx
Meessage authentication and hash functions.pptxJohnLagman3
 
Meessage authentication and hash functions.pptx
Meessage authentication and hash functions.pptxMeessage authentication and hash functions.pptx
Meessage authentication and hash functions.pptxJohnLagman3
 
Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network securityMazin Alwaaly
 
Message Authentication Requirement-MAC
Message Authentication Requirement-MACMessage Authentication Requirement-MAC
Message Authentication Requirement-MACSou Jana
 
Information and network security 42 security of message authentication code
Information and network security 42 security of message authentication codeInformation and network security 42 security of message authentication code
Information and network security 42 security of message authentication codeVaibhav Khanna
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash functionomarShiekh1
 
Cryptography and network_security
Cryptography and network_securityCryptography and network_security
Cryptography and network_securityJanani Satheshkumar
 

Similar to Is unit 5_message authentication and hash functions (20)

Meessage authentication and hash functions.pptx
Meessage authentication and hash functions.pptxMeessage authentication and hash functions.pptx
Meessage authentication and hash functions.pptx
 
Meessage authentication and hash functions.pptx
Meessage authentication and hash functions.pptxMeessage authentication and hash functions.pptx
Meessage authentication and hash functions.pptx
 
Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network security
 
Ch11
Ch11Ch11
Ch11
 
Message Authentication Requirement-MAC
Message Authentication Requirement-MACMessage Authentication Requirement-MAC
Message Authentication Requirement-MAC
 
Information and network security 42 security of message authentication code
Information and network security 42 security of message authentication codeInformation and network security 42 security of message authentication code
Information and network security 42 security of message authentication code
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit iv
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit iv
 
Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash function
 
ch11.ppt
ch11.pptch11.ppt
ch11.ppt
 
Unit 3
Unit 3Unit 3
Unit 3
 
Cryptography and netwrk securityunit 4
Cryptography and netwrk securityunit 4Cryptography and netwrk securityunit 4
Cryptography and netwrk securityunit 4
 
Cns
CnsCns
Cns
 
Cryptography and network_security
Cryptography and network_securityCryptography and network_security
Cryptography and network_security
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 

More from Sarthak Patel

IS Unit 9_Web Security
IS Unit 9_Web SecurityIS Unit 9_Web Security
IS Unit 9_Web SecuritySarthak Patel
 
IS Unit 8_IP Security and Email Security
IS Unit 8_IP Security and Email SecurityIS Unit 8_IP Security and Email Security
IS Unit 8_IP Security and Email SecuritySarthak Patel
 
IS Unit 7_Network Security
IS Unit 7_Network SecurityIS Unit 7_Network Security
IS Unit 7_Network SecuritySarthak Patel
 
Is unit 4_number_theory
Is unit 4_number_theoryIs unit 4_number_theory
Is unit 4_number_theorySarthak Patel
 
IS Unit 3_Public Key Cryptography
IS Unit 3_Public Key CryptographyIS Unit 3_Public Key Cryptography
IS Unit 3_Public Key CryptographySarthak Patel
 
Is unit 2_conventional encryption techniques
Is unit 2_conventional encryption techniquesIs unit 2_conventional encryption techniques
Is unit 2_conventional encryption techniquesSarthak Patel
 
IS Unit 1_Conventional Encryption_Classical Encryption Techniques
IS Unit 1_Conventional Encryption_Classical Encryption TechniquesIS Unit 1_Conventional Encryption_Classical Encryption Techniques
IS Unit 1_Conventional Encryption_Classical Encryption TechniquesSarthak Patel
 

More from Sarthak Patel (7)

IS Unit 9_Web Security
IS Unit 9_Web SecurityIS Unit 9_Web Security
IS Unit 9_Web Security
 
IS Unit 8_IP Security and Email Security
IS Unit 8_IP Security and Email SecurityIS Unit 8_IP Security and Email Security
IS Unit 8_IP Security and Email Security
 
IS Unit 7_Network Security
IS Unit 7_Network SecurityIS Unit 7_Network Security
IS Unit 7_Network Security
 
Is unit 4_number_theory
Is unit 4_number_theoryIs unit 4_number_theory
Is unit 4_number_theory
 
IS Unit 3_Public Key Cryptography
IS Unit 3_Public Key CryptographyIS Unit 3_Public Key Cryptography
IS Unit 3_Public Key Cryptography
 
Is unit 2_conventional encryption techniques
Is unit 2_conventional encryption techniquesIs unit 2_conventional encryption techniques
Is unit 2_conventional encryption techniques
 
IS Unit 1_Conventional Encryption_Classical Encryption Techniques
IS Unit 1_Conventional Encryption_Classical Encryption TechniquesIS Unit 1_Conventional Encryption_Classical Encryption Techniques
IS Unit 1_Conventional Encryption_Classical Encryption Techniques
 

Recently uploaded

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Recently uploaded (20)

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Is unit 5_message authentication and hash functions

  • 1. Chapter 5:Chapter 5:Chapter 5:Chapter 5:---- Message Authentication and Hash Functions Sarthak Patel, (www.sarthakpatel.in)
  • 2. Outline Authentication Requirement, Functions, MessageAuthentication Code, Hash Functions, Security Of Hash Functions And Macs MD5 Message Digest Algorithm, Secure HashAlgorithm Sarthak Patel (www.sarthakpatel.in)2 Secure HashAlgorithm Ripemd-160 Hmac
  • 3. Authentication Requirements 1. Disclosure: Release of message contents to any person or process not possessing the appropriate cryptographic key. 2. Traffic analysis: Discovery of the pattern of traffic between parties. In a connection-oriented application, the frequency and duration of connections could be determined. In either a connection-oriented or connectionless environment, the number and length of messages Sarthak Patel (www.sarthakpatel.in)3 connectionless environment, the number and length of messages between parties could be determined. 3. Masquerade: Insertion of messages into the network from a fraudulent source. This includes the creation of messages by an opponent that are supposed to come from an authorized entity. Also included are fraudulent acknowledgments of message receipt or nonreceipt by someone other than the message recipient.
  • 4. Contd… 4. Content modification: Changes to the contents of a message, including insertion, deletion, transposition, and modification. 5. Sequence modification: Any modification to a sequence of messages between parties, including insertion, deletion, and reordering. Sarthak Patel (www.sarthakpatel.in)4 6. Timing modification: Delay or replay of messages. In a connection-oriented application, an entire session or sequence of messages could be a replay of some previous valid session, or individual messages in the sequence could be delayed or replayed. In a connectionless application, an individual message (e.g., datagram) could be delayed or replayed.
  • 5. Contd… 7. Source repudiation: Denial of transmission of message by source. 8. Destination repudiation: Denial of receipt of message by destination. Sarthak Patel (www.sarthakpatel.in)5
  • 6. Message Authentication Function message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution) Sarthak Patel (www.sarthakpatel.in)6 three alternative functions used: message encryption message authentication code (MAC) hash function
  • 7. Message Encryption message encryption by itself also provides a measure of authentication if symmetric encryption is used then: receiver know sender must have created it since only sender and receiver now key used Sarthak Patel (www.sarthakpatel.in)7 since only sender and receiver now key used So, content cannot of been altered Provides both: sender authentication and message authenticity.
  • 8. Message Encryption if public-key encryption is used: encryption provides no confidence of sender since anyone potentially knows public-key however if sender signs message using his private-key Sarthak Patel (www.sarthakpatel.in)8 sender signs message using his private-key then encrypts with recipients public key have both secrecy and authentication but at cost of two public-key uses on message
  • 10. Message Authentication Code (MAC) a small fixed-sized block of data: depends on both message and a secret key like encryption though need not be reversible appended to message as a signature Sarthak Patel (www.sarthakpatel.in)10 receiver performs same computation on message and checks it matches the MAC provides assurance that message is unaltered and comes from sender
  • 11. Message Authentication Code This technique assumes that two communicating parties, say A and B, share a common secret key K. When A has a message to send to B, it calculates the MAC as a function of the message and the key: MAC = C(K, M), where M= input message C= MAC function Sarthak Patel (www.sarthakpatel.in)11 C= MAC function K= shared secret key MAC= message authentication code
  • 12. Message Authentication Codes MAC provides authentication Message can be encrypted for secrecy generally use separate keys for each can compute MAC either before or after encryption is generally regarded as better done before Sarthak Patel (www.sarthakpatel.in)12 is generally regarded as better done before why use a MAC? sometimes only authentication is needed sometimes need authentication to persist longer than the encryption
  • 13. Mac Encryption The receiver is assured that the message is from the alleged sender. Because no one else knows the secret key, no one else could prepare a message with a proper MAC. Sarthak Patel (www.sarthakpatel.in)13
  • 14. MAC Properties a MAC is a cryptographic checksum MAC = CK(M) C is a function condenses a variable-length message M using a secret key K to a fixed-sized authenticator Sarthak Patel (www.sarthakpatel.in)14 to a fixed-sized authenticator many-to-one function potentially many messages have same MAC but finding these needs to be very difficult
  • 15. Requirements for MACs MAC needs to satisfy the following: 1. knowing a message and MAC, is infeasible to find another message with same MAC 2. MACs should be uniformly distributed Sarthak Patel (www.sarthakpatel.in)15 2. MACs should be uniformly distributed 3. MAC should depend equally on all bits of the message
  • 16. Hash Functions A hash function is like a MAC condenses arbitrary message to fixed size h = H(M) usually assume that the hash function is public and not keyed Sarthak Patel (www.sarthakpatel.in)16 keyed -note that a MAC is keyed hash used to detect changes to message can use in various ways with message most often to create a digital signature
  • 17. Hash Functions & Digital Signatures Only the hash code is encrypted, using public-key encryption and using the sender's private key.As with (b), this provides authentication. It also provides a digital signature. Sarthak Patel (www.sarthakpatel.in)17
  • 18. Requirements for Hash Functions 1. can be applied to any size message M 2. produces a fixed-length output h 3. is easy to compute h=H(M) for any message M 4. given h is infeasible to find x s.t. H(x)=h 5. given x is infeasible to find y s.t. H(y)=H(x) Sarthak Patel (www.sarthakpatel.in)18 5. given x is infeasible to find y s.t. H(y)=H(x) 6. is infeasible to find any x,y s.t. H(y)=H(x)
  • 19. Simple Hash Functions are several proposals for simple functions based on XOR of message blocks -divide the message into equal size blocks -perform XOR operation block by block -final output is the hash Sarthak Patel (www.sarthakpatel.in)19 -final output is the hash not very secure need a stronger cryptographic function
  • 20. Security of Hash Functions andSecurity of Hash Functions andSecurity of Hash Functions andSecurity of Hash Functions and MacsMacsMacsMacs Attacks on hash functions and MACs into two categories: BruteBrute--force attacksforce attacks Cryptanalysis.Cryptanalysis. Sarthak Patel (www.sarthakpatel.in)20
  • 21. BruteBruteBruteBrute----Force AttacksForce AttacksForce AttacksForce Attacks Hash Functions: In hash functions there are three desirable properties One-way: For any given code h, it is computationally infeasible to find x such that H(x) = h. Weak collision resistance: For any given block x, it is Sarthak Patel (www.sarthakpatel.in)21 Weak collision resistance: For any given block x, it is computationally infeasible to find y≠x with H(y) = H(x). Strong collision resistance: It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). For a hash code of length n, the level of effort required, as we have seen is proportional to the following:
  • 22. Contd… Message Authentication Codes A brute-force attack on a MAC is a more difficult undertaking because it requires known message-MAC pairs. Let us see why this is so. To attack a hash code, we can proceed in the following way. Given a fixed message x with n-bit hash code h = H(x), a brute- Sarthak Patel (www.sarthakpatel.in)22 force method of finding a collision is to pick a random bit string y and check if H(y) = H(x). The attacker can do this repeatedly off line. Whether an off-line attack can be used on a MAC algorithm depends on the relative size of the key and the MAC.
  • 23. Contd… If an attacker can determine the MAC key, then it is possible to generate a valid MAC value for any input x. Suppose the key size is k bits and that the attacker has one known text-MAC pair. Then the attacker can compute the n-bit MAC on the known text for all possible keys. At least one key is guaranteed to produce the correct MAC, namely, the valid key that was Sarthak Patel (www.sarthakpatel.in)23 to produce the correct MAC, namely, the valid key that was initially used to produce the known text-MAC pair. This phase of the attack takes a level of effort proportional to 2k.
  • 24. CryptanalysisCryptanalysisCryptanalysisCryptanalysis As with encryption algorithms, cryptanalytic attacks on hash functions and MAC algorithms seek to exploit some property of the algorithm to perform some attack other than an exhaustive search. The way to measure the resistance of a hash or MAC algorithm to cryptanalysis is to compare its Sarthak Patel (www.sarthakpatel.in)24 hash or MAC algorithm to cryptanalysis is to compare its strength to the effort required for a brute-force attack. That is, an ideal hash or MAC algorithm will require a cryptanalytic effort greater than or equal to the brute-force effort.
  • 25. Cryptanalysis Hash Functions The hash function takes an input message and partitions it into L fixed-sized blocks of b bits each. If necessary, the final block is padded to b bits. The final block also includes the value of the total length of the input to the hash function. The inclusion of the length Sarthak Patel (www.sarthakpatel.in)25 makes the job of the opponent more difficult. Message Authentication Codes There is much more variety in the structure of MACs than in hash functions, so it is difficult to generalize about the cryptanalysis of MACs. Further, far less work has been done on developing such attacks.
  • 26. Message Digests(Hash) A message digest is a fingerprint or the summary of a message. (Same as LRC and CRC) It is used to verify integrity of the data (To ensure that message has not been tampered). Ex. LRC- parity checking Sarthak Patel (www.sarthakpatel.in)26 Ex. LRC- parity checking
  • 27. Idea of a Message Digest Ex: Calculate the message digest of number 7391743 Multiply each digit in the number with the next digit (excluding if it is 0) and disregarding the first digit of the multiplication operation, it the result is two-digit number. Sarthak Patel (www.sarthakpatel.in)27
  • 28. Calculate MD for 7391743 Multiply 7 by 3 - 21 Discard first digit - 1 Multiply 1 by 9 - 9 Multiply 9 by 1 - 9 Multiply 9 by 7 - 63 Sarthak Patel (www.sarthakpatel.in)28 Multiply 9 by 7 - 63 Discard first digit - 3 Multiply 3 by 4 - 12 Discard first digit - 2 Multiply 2 by 3 - 6 Message digest is 6
  • 29. MD5 (Message Digest 5) MD5 is a message digest algorithm developed by Ron Rivest. MD5 algorithm can be used as a digital signature mechanism. Sarthak Patel (www.sarthakpatel.in)29
  • 30. Description of the MD5 Algorithm Takes as input a message of arbitrary length and produces as output a 128 bit “fingerprint” or “message digest” of the input. It it is computationally infeasible to produce two messages having the same message digest. Sarthak Patel (www.sarthakpatel.in)30 having the same message digest. Intended where a large file must be “compressed” in a secure manner before being encrypted with a private key under a public-key cryptosystem such as PGP.
  • 31. MD5 Algorithm Suppose a b-bit message as input, and that we need to find its message digest. Step-1 Padding Step-2Append length Sarthak Patel (www.sarthakpatel.in)31 Step-2Append length Step-3 Divide the input into 512-bit blocks. Step-4 Initialize chaining variables (4 variables) Step-5 Process blocks
  • 32. Step-1 MD5 is to add padding bits to the original message. The aim of this step is make length of the original message equal to a value, which is 64 bits less than an exact multiple of 512. Ex: 1000 bits of message (1000+472+64) Sarthak Patel (www.sarthakpatel.in)32 Ex: 1000 bits of message (1000+472+64) The padding consists of a single “1” bit is appended to the message, and then “0” bits.
  • 33. Step 2 – append length: A 64 bit representation of b is appended to the result of the previous step. The resulting message has a length that is an exact multiple of 512 bits Sarthak Patel (www.sarthakpatel.in)33
  • 34. Step-3 Divide the input into 512-bit blocks Data to be hashed (Digested) 1536 bits Sarthak Patel (www.sarthakpatel.in)34 512 bits 512 bits 512 bits
  • 35. Step-4 Initialize chaining variables A four-word buffer (A,B,C,D) is used to compute the message digest. Here each of A,B,C,D, is a 32 bit register. Sarthak Patel (www.sarthakpatel.in)35
  • 36. Step-5 Process blocks 5.1 – Copy the four variables (32*4 = 128) 5.2 – Divide the 512- bit block into 16 sub-blocks. 512 bits Sarthak Patel (www.sarthakpatel.in)36 5.3 – Process each block with A, B, C, D. 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 32 bits 512 bits
  • 37. 5.3 - Process each block with A, B, C, D. Sarthak Patel (www.sarthakpatel.in)37
  • 38. Secure Hash Algorithm (SHA) SHA-1 produces a hash value of 160 bits. SHA is designed to be computationally infeasible to: Obtain the original message Find two message producing the same MD. Sarthak Patel (www.sarthakpatel.in)38
  • 39. Types(Versions) of SHA Sarthak Patel (www.sarthakpatel.in)39
  • 40. Algorithm Step-1 Padding Step-2Append length Step-3 Divide the input into 512-bit blocks. Step-4 Initialize chaining variables (5 varibles) Step-5 Process blocks Sarthak Patel (www.sarthakpatel.in)40 Step-5 Process blocks
  • 41. 5.3- Process each block with A, B, C, D, E. Sarthak Patel (www.sarthakpatel.in)41
  • 42. Comparison of MD5 & SHA-1 Points of Discussion MD5 SHA-1 MD length in bits 128 160 Attack try to find MD 2128 2160 Sarthak Patel (www.sarthakpatel.in)42 MD Attack try to find two messages producing same message digest 264 280 Speed Faster Slower
  • 43. RACE Integrity Primitives Evaluation Message Digest (RIPEMD-160) RIPEMD is a cryptographic hash based upon MD4. It's been shown to have weaknesses and has been replaced by RIPEMD-128 and RIPMD-160. These are cryptographic hash functions designed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel. Sarthak Patel (www.sarthakpatel.in)43 Bosselaers, and Bart Preneel. RIPEMD-160 produces a hash of the same length as SHA1 but is slightly slower. RIPEMD-128 has been designed as a drop-in replacement for MD4/MD5 whilst avoiding some of the weaknesses shown for these two algorithms. It is about half the speed of MD5.
  • 44. HMAC(HashHMAC(HashHMAC(HashHMAC(Hash----Based MAC)Based MAC)Based MAC)Based MAC) HMAC has been chosen as a security implementation for Internet Protocol (IP) and Secure Socket Layer(SSL), widely used in internet. The fundamental idea of HMAC is to reuse the existing MD5 or SHA-1. Sarthak Patel (www.sarthakpatel.in)44 SHA-1.
  • 45. Original message Existing MD5 or SHA-1 MD Encrypt HMA C Sarthak Patel (www.sarthakpatel.in)4 5 K
  • 46. How HMAC works? MD- Message Digest/ Hash function M – Input message ipad-A string 00110110 repeated b/8 times opqd-A string 01011010 repeated b/8 times Sarthak Patel (www.sarthakpatel.in)46
  • 47. How HMAC works? Step-1 Make the length of K equal to b Length K<b (Append 0 – left side) Length K=b (Step -2) Length K>b (Hash K reduce its length to b) Step- 2 XOR K with ipad to produce S1 Sarthak Patel (www.sarthakpatel.in)47 Step- 2 XOR K with ipad to produce S1 Step -3Append M to S1 Step -4 Message Digest algorithm Step -5 XOR K with opad to produce S2 Step -6Append H toS2 Message DigestAlgorithm