McGraw-Hill ©The McGraw-Hill Companies, Inc.,
15.1
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Chapter 11
Message Integrity, Message Authentication
and Hash Functions
Cryptographic Hash Functions
Key Points
• Hash function: variable-length message → fixed-length message digest, h = H(M)
• Cryptographic hash functions: iterative use of a compression function
Introduction
• A hash function that provides security is called a cryptographic hash function. A hash function protects the integrity of the message. If encryption is applied to the message together with the hash function, it also provides authentication and confidentiality.
• A hash function is applied to a variable amount of data (M) and produces a fixed amount of output data. If any bit or bits of the data change, the whole hash function output also changes. A cryptographic hash function is a one-way function, which is practically infeasible to invert. The most popular hashing algorithms are MD5 and SHA.
Cryptographic Hash Functions
• Hash function
  - One-way property
  - Collision-free property
[Diagram labels: M, H ("hash function"), H(M), data integrity, computationally infeasible]
Cryptographic Hash Functions
Block diagram
Properties of Hash Functions
Compression: The output of the hash function is much smaller than the size of the input.
Pre-image resistance: It is difficult to find the input from a given hash function output, i.e., x = H(m): if x is given, it is difficult to find the message m.
Weak collision resistance: Given a message m1, it is difficult to produce another message m2 such that H(m1) = H(m2), i.e., it is infeasible to find two different messages with the same hash value.
Strong collision resistance: It is difficult to find any two different messages that hash to the same value, i.e., it is hard to find m1 and m2 with the same hash value, H(m1) = H(m2).
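The gap between weak and strong collision resistance shows up as a work factor. This added example (not from the slides) truncates SHA-256 to a toy 20-bit digest, an assumption chosen so both searches finish quickly, and counts the attempts each one needs; the function names and candidate messages are constructed for the demo.

```python
import hashlib
from itertools import count

BITS = 20  # toy digest size (assumption for the demo); real digests are 256 bits or more

def h(msg: bytes) -> int:
    """Toy hash: the top BITS bits of SHA-256(msg)."""
    full = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return full >> (256 - BITS)

def find_second_preimage(m1: bytes):
    """Weak collision resistance: m1 is fixed, search for m2 != m1 with h(m2) == h(m1)."""
    target = h(m1)
    for tries in count(1):
        m2 = b"candidate-%d" % tries
        if m2 != m1 and h(m2) == target:
            return m2, tries

def find_collision():
    """Strong collision resistance: search for any pair m1 != m2 with h(m1) == h(m2)."""
    seen = {}  # digest -> first message that produced it
    for tries in count(1):
        m = b"msg-%d" % tries
        d = h(m)
        if d in seen:
            return seen[d], m, tries
        seen[d] = m

if __name__ == "__main__":
    m1 = b"transfer 100 to alice"  # constructed sample message
    m2, sp_tries = find_second_preimage(m1)
    a, b, c_tries = find_collision()
    print(f"second preimage after {sp_tries} tries (about 2^{BITS} expected)")
    print(f"collision after {c_tries} tries (about 2^{BITS // 2} expected)")
```

For an n-bit digest the fixed-target search costs about 2^n attempts while the any-pair search costs about 2^(n/2), so digest length has to be sized against the collision bound.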
Cryptographic Hash Functions
Applications
1. Message Authentication
2. Digital Signatures
3. Other Applications (Internet protocols)
Cryptographic Hash Functions
Message Authentication
• Message authentication: mechanism or service used to verify the integrity of a message.
  - No modification
  - No insertion
  - No deletion
  - No replay
Cryptographic Hash Functions
Message Authentication
[Figures not preserved; surviving labels: "Confidentiality", "No confidentiality"]
Cryptographic Hash Functions
Message Authentication
• No confidentiality: method (b) has an advantage over methods (a) and (d): less computation
• Avoid encryption: method (c)
  - Encryption software: relatively slow
  - Encryption hardware: high cost
  - Time: high
  - Encryption algorithms: patents, cost
Cryptographic Hash Functions
Message Authentication
M: variable-length message
K: secret key
Output: fixed-size
MAC: message authentication code (keyed hash function)
Cryptographic Hash Functions
Digital Signatures
[Diagram labels: M, H ("hash function"), H(M), encryption algorithm, private key, public key]
Cryptographic Hash Functions
Digital Signatures
• Digital signature: private-key-encrypted hash code → authentication (only the sender could have produced the encrypted hash code; this is the essence of the digital signature technique)
• Confidentiality + digital signature: message + private-key-encrypted hash code, encrypted using a symmetric secret key
Cryptographic Hash Functions
Other Applications
1. One-way password file
2. Intrusion detection
3. Virus detection
4. Pseudorandom function (PRF) or a pseudorandom number generator (PRNG).
Cryptographic Hash Functions
Two Simple Hash Functions
1. Bit-by-Bit exclusive-OR (XOR) of every block
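The block-wise XOR hash compresses its input but has none of the collision properties required of a cryptographic hash. This added example (not from the slides) implements it with an assumed 8-byte block size and compares it with SHA-256 on constructed messages: reordering blocks or appending a block twice leaves the XOR digest unchanged, and a one-bit input change moves exactly one output bit.

```python
import hashlib

BLOCK = 8  # block size in bytes (assumption for the demo)

def xor_hash(msg: bytes) -> bytes:
    """Bit-by-bit XOR of every BLOCK-byte block (last block zero-padded)."""
    msg += b"\x00" * (-len(msg) % BLOCK)
    digest = bytearray(BLOCK)
    for i in range(0, len(msg), BLOCK):
        for j in range(BLOCK):
            digest[j] ^= msg[i + j]
    return bytes(digest)

def sha256_digest(msg: bytes) -> bytes:
    return hashlib.sha256(msg).digest()

def flip_bit(msg: bytes, bit: int) -> bytes:
    """Return msg with a single bit inverted."""
    out = bytearray(msg)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

def diffusion(hash_fn, msg: bytes, bit: int) -> int:
    """Number of digest bits that change when one input bit is flipped."""
    a, b = hash_fn(msg), hash_fn(flip_bit(msg, bit))
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

# Constructed sample messages: the same three 8-byte blocks in two different orders.
ORIGINAL = b"PAY 0100" b"TO ALICE" b"FROM BOB"
REORDERED = b"FROM BOB" b"TO ALICE" b"PAY 0100"

if __name__ == "__main__":
    print("XOR digests equal:    ", xor_hash(ORIGINAL) == xor_hash(REORDERED))
    print("SHA-256 digests equal:", sha256_digest(ORIGINAL) == sha256_digest(REORDERED))
    print("bits changed, XOR:    ", diffusion(xor_hash, ORIGINAL, 0))
    print("bits changed, SHA-256:", diffusion(sha256_digest, ORIGINAL, 0))
```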
Cryptographic Hash Functions
Requirements and Security
Cryptographic Hash Functions
Secure Hash Algorithm (SHA)
• National Institute of Standards and Technology (NIST), Federal Information Processing Standard (FIPS 180), 1993
SHA-0 (1993)
SHA-1 (1995)
SHA-256
SHA-384 (2002)
SHA-512
Cryptographic Hash Functions
Secure Hash Algorithm (SHA)
Cryptographic Hash Functions
SHA-512 Logic
Cryptographic Hash Functions
SHA-512 Round Function
Thank you for your
attention
