This document discusses hash functions and their analysis for a network security seminar. It begins by defining a hash function as a mathematical function that converts a large amount of data into a small string of integers. Common applications of hash functions include hash tables for quickly searching data, eliminating data redundancy, caches, bloom filters, and pattern matching. Cryptographic hash functions have properties like preimage and second preimage resistance as well as collision resistance. Popular cryptographic hash functions discussed include MD2, MD4, MD5, SHA-1, and SHA-2, along with their advantages, limitations, and examples of attacks.

1. Hash Functions
&
Analysis
for CCM 4332 Seminar (Network Security)
Presented By,
Bhavesh Kumar Hari
Pawandeep Kaur
Manish Hatkar
Prateek Goli
Vipul Agarwal

2. What is a hash function?
A hash function is a set of procedures and steps
or a mathematical function that can be used to
convert a a large amount of data into a small data string
and integers that can be used as an index as an array.
Output of a hash function,
Hash Values
Hash Codes
Hash Sums
Checksums
Hashes

3. Applications of Hash Functions
There are various applications of hash functions
and the most common one is using hash tables.
 Hash Tables
Hash tables are mainly used to quickly search a data
record using a given search key where the the hash
function is used to map the search key using a
generated hash.
 Eliminate Redundancy

4. Applications of Hash Functions
• Caches
Hash function are used with hash tables to build caches
for large datasets that are stored in slow media. This
highly improves the performance and reliability.
 Bloom filters
A compact data structure that uses hash function and
hashes.

5. Applications of Hash Functions
• Pattern Matching
String search algorithms like Rabin-karp uses hashing to
compare strings with time complexity of O(n) on
average.
 Geometric Hashing
Used to solve many proximity problems in a plane or in
3D space. This is further used to to image recognition,
processing and matching. It's even used in
telecommunication to encode and compress multi-
dimensional signals and it's knows as vector
quantization.

6. Cryptographic Hash Functions
A cryptographic hash function is a special hash
function that has the following three properties,
 Preimage resistance
The function should be irreversible or one-way where a
given hash h where it'll be difficult to find any message
m such that, h = hash(m)
 Second preimage resistance
The function should not produce same hash for two
different message. Given a message m1, it should be
difficult to find another message m2 where m1 != m2
such that hash(m1) = hash(m2)

7. Cryptographic Hash Functions
 Collision Resistance
The function should be collision resistant where it should
be difficult to find two different messages m1, and m2,
such that hash(m1) = hash(m2). Birthday attack maybe
used against the hash functions to find a collision.
 Some examples are, MD2, MD4, MD5, SHA-0, SHA-1,
SHA-2, SHA-2, crypt

8. Applications of Cryptographic Hash
Function
There are various applications of cryptographic has
functions and few are mentioned as follows,
 Integrity of files & messages
A hash value of a file and message can be calculated
and transferred to the destination via different forms to
later ensure if the file or message is not tampered. It's
used with digital signatures where, the hash of the
message is generated and then encrypted using the
private key. Later on the receiver can decrypt it using the
sender's public key and compare the hash with the
message. This helps in generating short signatures.

9. Applications of Cryptographic Hash
Function
 Pseudorandom generation
Hash functions can also be used in the generation of
pseudorandom bits, or to derive new keys or passwords
from a single, secure key or password.
 SSL
 IPSec
 File or data identifier

10. Description of Cryptographic
Hash Function
We'll be discussing few popular cryptographic function
and their advantages/limitations.
 MD2
 MD4
 MD5
 SHA-1
 SHA-2

11. MD 2 (Message Digest)
•Cryptographic hash function developed by Renald
Rivest 1989.
•Takes input as a message of arbitrary length and output
of 128 bits
•This algorithm is optimized for 8 bit computers
•Message is padded according to specified conventions,
to be a multiple of 16 bytes
•These 16 bytes calls as checksum and added at the
end.

16. MD 2
•Final pass is processed in 16 bytes at same time with
intermediate result for, each intermediate value depends
on previous intermediate value.
•No longer contained as secured algorithm.
•First attack was pre image attack by F.Muller (2004) .
•Second result was collision attack found by Rogier and
Chauvaud on compression function.
•This attack was not able to extend immediately because
of checksum.

17. MD 4
•Cryptographic hash function developed by Ronald
Rivest in 1990.
•Arbitrary length is 128 bits.
•This algorithm is optimized for 32 bit computers.
•It needs more intermediate state than MD 2
•Weakness of MD4 were demonstrated in1991by Den
Boer & Bosselaers.

19. MD 4
•Later collision attack were found 1995 and after that
hashing function were designed in MD 5, SHA-1
•MD4 collision resistance were reduced, pre image and
second pre image resistance attack on MD 4 are
practical,
•Cannot be used to hash a cryptography of 80 bits or
longer.
•MD 4 is used to complete hash password on Microsoft
like windows NT, XP, Vista and 7.

21. Discussed Topics:
•Information about MD5
•MD5 Vs MD4
•Attacks on MD5

22. Introduction
•It is widely used cryptographic hash functions
•Message is processed in 512 bits (16*32 bit
words) block. Ex: if message is M then blocks are {m0,m1,m2….
M15} of 32bits
•Digest is 128-bit quantity i.e. 4* 32-bit words
having the predefined hex constant value. Ex digests :
d0=67543201,d1= efcdab89, d2=85bacade, d3= 10325476
•It make 4 passes over each message word.

23. •Every pass has a specific functions to blend
on message digest
•Each word of the processed message digest
is added to pre-stage value(constant) to
obtain the post- stage value.
•This post- stage value will be the pre-stage
value for the next stage
•The final result is the Message Digest of
entire message.

24. Functional Steps for Algorithm
1) Padding: A arbitrary length message is first
padded by 1s followed by 0s to make it
448bit(512-64)long. The 64 bit is then used to
store the length of the message before padding.

25. 2) Initialization: 4 digests(word buffer) are
initialized to constant Hex value. Below
A,B,C,D is 32-bit register
3)Process Message:- m0,m1…..m15 is
processed in 4passes with 64 rounds

27. .

28. continued
Pass1: F(x,y,z) = (x^y)v(~x^z)
Pass2: G(x,y,z) = (x^z) v(y^~y)
Pass3: H(x,y,z) = x xor y xor z
Pass 4: I(x,y,z) = y xor( x v ~ z)
here ^,v,~ denotes the AND, OR and NOT
operations respectively
4) The message digest produced is A,B,C,D
where A is lowest order bit and D is highest
order bit.

29. MD4 Vs MD5
•MD5 make 4 passes whereas it was 3 in MD4,
making it more secure but less faster.
•The function g in round 2 was changed from
(XY v XZ v YZ) to (XZ v Y not(Z)) to make g less
symmetric
•Each step has unique addictive constant
•Each step adds in the result of previous step to
promote the faster avalanche effect.

30. Attacks on MD5
•Chosen-prefix collision attack
•Pre-image attack
•Vulnerable CAs

31. SHA-1
•Developed by National Security Agency (NSA) for use
with NIST’s Digital Signature Standard.
•It produces 160 bit (20 byte) Message Digest.
•SHA1 is mostly used to secure protocol as SSH, TLS,
SSL, PGP, and IPSec.
•It is used to provide authenticity and integrity.
•Key has to be destroyed upon Implementation.

32. SHA 1 Digest
•SHA1 (“Middlesex University“) = e9efe518 85e13e90
ff37c753 d96421f8 2c1bc9d4
•SHA1 (“Middlesex Univercity”) = 0773a83f 705a95ee
5827bd06 ea9b26cd e96dbe2e
•Hash of Zero Length String is
• SHA1 (“”) = da39a3ee 5e6b4b0d 3255bfef 95601890
afd80709

33. SHA1 vs MD5
•MD5 – Vulnerable to Brute force Attack.
•MD5 creates 128-bit String, SHA1 creates 256-bit
String.
•MD5 hash for "asdf":
912ec803b2ce49e4a541068d495ab570
•SHA1 hash for "asdf":
3da541559918a808c2402bba5012f6c60b27661c

34. Limitations
Collision
- First successful collision was done in 2005.
- The research team of Xiaoyun Wang, Yiqun Lisa Yin, and
Hongbo Yu have been circulating a paper describing their results:
- Collisions in the the full SHA-1 in 2**69 hash operations, much
less than the brute-force attack of 2**80 operations based on the
hash length.
- Collisions in SHA-0 in 2**39 operations.

35. SHA-2
•SHA stands for Secure Hash Algorithm.
•It is a set of cryptographic hash functions which include
SHA-224 , SHA-256 , SHA-384 and SHA-512 designed
by the national security agency.
•The SHA-256 and SHA-512 are considered as two
similar hash functions with different block sizes , they
vary in the word size like SHA-256 uses 32-bytes of
words and SHA-512 uses 64-bytes of words.

36. Advantages in SHA-2
•The SHA-2 is considered as a very secure hash standard
with four secure hash algorithms used in it like SHA-224,
SHA-256, SHA-384, and SHA-512.
•It is a one way hash function that processes a message to
produce a hash representation which is called as a
Message digest
•All the four algorithms used are iterative.

37. Limitations
• There are very limited known attacks for SHA-2
• Two meet-in-the-middle preimage attacks are possible
against SHA-2 with reduced number of rounds. It has time
complexity of 2^253.5 which can’t be practically
implemented at the moment.against SHA-2 with a reduced
number of rounds

38. Questions?

39. Thank You!