Scribd Logo
Upload

Welcome to Scribd!

  • 09-Hash Functions PDF

    Uploaded by

    Абзал Калдыбеков
    17 views22 pages

    Original Title

    09-Hash Functions.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    17 views22 pages

    09-Hash Functions PDF

    Uploaded by

    Абзал Калдыбеков

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 22

    Week9.

    Cryptographic Hash
    Functions
    Lecture slides by Zhanbolat Seitkulov

    March IITU, Information Security 1


    Outline
    •  We will consider:
    –  Hash functions
    •  Uses, requirements, security
    –  Hash functions based on block ciphers
    –  SHA-1, SHA-2, SHA-3

    March IITU, Information Security 2


    Hash Functions
    •  Converts arbitrary message to fixed size
    –  h = H(M)
    •  Usually assume hash function is public
    •  Hash used to detect changes to message
    •  Key properties of a cryptographic hash functions:
    –  Computationally infeasible to find data mapping to
    specific hash (one-way property)
    –  Computationally infeasible to find two different data
    with same hash (collision-free property)

    March IITU, Information Security 3


    Cryptographic Hash Function

    March IITU, Information Security 4


    Hash Function and
    Message
    Authentication

    March IITU, Information Security 5


    Hash Functions and Digital Signatures

    March IITU, Information Security 6


    Other Hash Function Uses
    •  To create a one-way password file
    –  Store hash of password not actual password
    •  For intrusion detection and virus detection
    –  Keep & check hash of files on system
    •  Pseudorandom function (PRF) or
    pseudorandom number generator (PRNG)

    March IITU, Information Security 7


    Hash Function Requirements

    March IITU, Information Security 8


    Attacks on Hash Functions
    •  Have brute-force attacks and cryptanalysis
    •  A preimage and second preimage attack
    –  Find y such that H(y) equals a given hash value
    •  Collision resistance
    –  Find two messages x and y with the same hash
    H(x) = H(y)

    March IITU, Information Security 9


    Hash Function Cryptanalysis
    •  Cryptanalytic attacks use some property of
    algorithm, so faster than exhaustive search
    •  Hash functions use iterative structure
    –  Process message in blocks
    •  Attacks focus on collisions in function f

    March IITU, Information Security 10


    Secure Hash Algorithm (SHA)
    •  SHA originally designed by NIST & NSA in 1993
    •  was revised in 1995 as SHA-1
    •  US standard for use with DSA signature scheme
    –  The algorithm is SHA, the standard is SHS
    •  Based on design of MD4
    •  Produces 160-bit hash values
    •  Recent 2005 results on security of SHA-1 has
    raised concern on its use in future applications

    March IITU, Information Security 11


    Revised Secure Hash Standard
    •  NIST issued revision in 2002 (FIPS 180-2)
    •  Adds three additional versions of SHA
    –  SHA-256, SHA-384, SHA-512
    •  Designed with the compatibility with
    increased security provided by the AES cipher
    •  Structure and detail is similar to SHA-1
    •  Hence analysis should be similar
    •  But security levels are rather higher
    March IITU, Information Security 12
    SHA Versions

    March IITU, Information Security 13


    SHA-512 Compression Function
    •  Heart of the algorithm
    •  Processing message in 1024-bit blocks
    •  Consists of 80 rounds per block
    –  Updating a 512-bit buffer
    –  Using a 64-bit value derived from the current
    message block
    –  And a round constant based on cube root of first
    80 prime numbers

    March IITU, Information Security 14


    SHA Overview

    March IITU, Information Security 15


    Processing
    one 1024-
    bit block

    March IITU, Information Security 16


    Hi Initial Values

    March IITU, Information Security 17


    SHA-3
    •  In hashes, nothing secret, easy to attack
    •  SHA-1 not yet “broken”, but similar to MD5
    and SHA-0, so considered insecure
    •  SHA-2 (especially SHA-512) seems secure
    –  Shares same structure and mathematical
    operations as SHA-1, so have concern
    •  NIST announced in 2007 a competition for the
    SHA-3 – next generation NIST hash function
    –  Goal to have in place by 2012 but not fixed

    March IITU, Information Security 18


    SHA-3 Requirements
    •  Replace SHA-2 with SHA-3 in any use
    –  So use same hash sizes
    •  Preserve the online nature of SHA-2
    –  So must process small blocks (512/1024 bits)
    •  Evaluation criteria
    –  Security close to theoretical max for hash sizes
    –  Cost in time and memory
    –  Characteristics such as flexibility and simplicity

    March IITU, Information Security 19


    Questions?

    March IITU, Information Security 20


    Reading
    •  Cryptography and Network Security by
    Stallings
    –  Chapter 11
    •  Sections 11.1, 11.3, 11.5 and 11.6

    March IITU, Information Security 21


    Cryptographic Hash Functions

    Lecture slides by Zhanbolat Seitkulov

    March IITU, Information Security 22

    You might also like