UNIT-III

CRYPTOGRAPHIC HASH FUNCTIONS

Hash functions are extremely useful and appear in almost all information security
applications.
A hash function is a mathematical function that converts a numerical input value into
another compressed numerical value. The input to the hash function is of arbitrary length
but output is always of fixed length.
Values returned by a hash function are called message digest or simply hash values or
hash code
Features of Hash Functions:

The typical features of hash functions are −

 Fixed Length Output (Hash Value)
o Hash function coverts data of arbitrary length to a fixed length. This process
is often referred to as hashing the data.
o In general, the hash is much smaller than the input data, hence hash
functions are sometimes called compression functions.
o Since a hash is a smaller representation of a larger data, it is also referred to
as a digest.
o Hash function with n bit output is referred to as an n-bit hash function.
Popular hash functions generate values between 160 and 512 bits.
 Efficiency of Operation
o Generally for any hash function h with input x, computation of h(x) is a fast
operation.
o Computationally hash functions are much faster than a symmetric encryption.

Properties of Hash Functions:

In order to be an effective cryptographic tool, the hash function is desired to possess

following properties −
 Pre-Image Resistance
o This property means that it should be computationally hard to reverse a hash
function.
o In other words, if a hash function h produced a hash value z, then it should
be a difficult process to find any input value x that hashes to z.
o This property protects against an attacker who only has a hash value and is
trying to find the input.
 Second Pre-Image Resistance
o This property means given an input and its hash, it should be hard to find a
different input with the same hash.
o In other words, if a hash function h for an input x produces hash value h(x),
then it should be difficult to find any other input value y such that h(y) = h(x).
o This property of hash function protects against an attacker who has an input
value and its hash, and wants to substitute different value as legitimate value
in place of original input value.
 Collision Resistance
o This property means it should be hard to find two different inputs of any
length that result in the same hash. This property is also referred to as
collision free hash function.
o In other words, for a hash function h, it is hard to find any two different inputs
x and y such that h(x) = h(y).
 o Since, hash function is compressing function with fixed hash length, it is
impossible for a hash function not to have collisions. This property of
collision free only confirms that these collisions should be hard to find.
o This property makes it very difficult for an attacker to find two input values
with the same hash.

MESSAGE AUTHENTICATION TECHNIQUES:

Message authentication is a mechanism or service used to verify the integrity of a message.

Message authentication assures that data received are exactly as sent by (i.e., contain no
modification, insertion, deletion, or replay) and that the identity of the sender is valid.

These may be grouped into three classes.

1. Hash function: A function that maps a message of any length into a fixed length
hash value, which serves as the authenticator

2. Message encryption: The cipher text of the entire message serves as its
authenticator

3. Message authentication code (MAC): A function of the message and a secret key
that produces a fixed-length value that serves as the authenticator.

1. Hash function:
2. Message encryption:

SYMMETRIC ENCRYPTION:

Consider the straightforward use of symmetric encryption. A message transmitted

from source A to destination B is encrypted using a secret key shared by A and B. If
no other party knows the key, then confidentiality is provided: No other party can
recover the plaintext of the message.
In addition, B is assured that the message was generated by A. Why? The message
must have come from A, because A is the only other party that possesses and
therefore the only other party with the information necessary to construct cipher text
that can be decrypted with K.

PUBLIC-KEY ENCRYPTION:

The above fig (b) represents confidentiality using public key encryption
The above fig (c) represents authentication and signature using public key encryption
The above fig (d) represents confidentiality, authentication and signature using public
key encryption.
3. Message Authentication Code:

An alternative authentication technique involves the use of a secret key to generate a

small fixed-size block of data, known as a cryptographic checksum or MAC, that is
appended to the message. This technique assumes that two communicating parties,
say A and B, share a common secret key. When A has a message to send to B, it
calculates the MAC as a function of the message and the key:

MAC = MAC (K, M)

Where
M= input message
C = MAC function
K= shared secret key
MAC = message authentication code.

The message plus MAC are transmitted to the intended recipient. The recipient
performs the same calculation on the received message, using the same secret key,
to generate a new MAC. The received MAC is compared to the calculated MAC
(Figure 12.4a). If we assume that only the receiver and the sender know the identity
of the secret key, and if the received MAC matches the calculated MAC, then

1. The receiver is assured that the message has not been altered.
2. The receiver is assured that the message is from the alleged sender
3. If the message includes a sequence number (such as is used with HDLC, X.25,
and TCP), then the receiver can be assured of the proper sequence.
SECURE HASH ALGORITHMS:

SHA is the acronym for Secure Hash Algorithm, used for hashing data and certificate
files.

Secure Hash Algorithm(SHA)

 SHA is the acronym for Secure Hash Algorithm, used
for hashing data and certificate files.
 SHA originally designed by NIST(National Institute of
Standards and Technology) & NSA(National Secure
Agency) in 1993
 It was revised in 1995 as SHA-1
 It will work based on design of MD4 algorithm with key
differences
 It produces 160-bit hash values
 In 2005, results on security of SHA-1 raised concerns
on its use in future applications

 NIST issued revision FIPS(Federal

Information Processing Standards) 180-2
in 2002
 adds 3 additional versions of SHA 2
 SHA-256, SHA-384, SHA-512
 Itis designed for compatibility with
increased security provided by the AES
cipher
 structure & detail is similar to SHA-1
 Hence analysis should be similar
 But security levels are rather higher
 SHA Versions

SHA-512:

SHA-512 Overview
 SHA-512 Compression
Function
 heartof the algorithm
 processing message in 1024-bit blocks
 consists of 80 rounds
 updating a 512-bit buffer
 using a 64-bit value Wt derived from the
current message block
 and a round constant based on cube root of
first 80 prime numbers
Message Authentication Code (MAC):
A Message Authentication Code (MAC) is an algorithm that requires the use of a secret key.
A MAC takes a variable-length message and a secret key as input and produces an
authentication code.
A recipient in possession of the secret key can generate an authentication code to verify the
integrity of the message
One means of forming a MAC is to combine a cryptographic hash function in some fashion
with a secret key

Message authentication requirements:

In the context of communications across a network, the following attacks can be identified.
Disclosure: Release of message contents to any person or process not possessing the
appropriate cryptographic key.
Traffic analysis: Discovery of the pattern of traffic between parties
Masquerade: Insertion of messages into the network from a fraudulent source. This
includes the creation of messages by an opponent that are purported to come from an
authorized entity
Content modification: Changes to the contents of a message, including insertion, deletion,
transposition, and modification.
Sequence modification: Any modification to a sequence of messages between parties,
including insertion, deletion, and reordering
Timing modification: Delay or replay of messages. In a connection-oriented application, an
entire session or sequence of messages could be a replay of some previous valid session,
or individual messages in the sequence could be delayed or replayed.
Source repudiation: Denial of transmission of message by source
Destination repudiation: Denial of receipt of message by destination

In summary, message authentication is a procedure to verify that received messages come

from the alleged source and have not been altered. Message authentication may also verify
sequencing and timeliness.
HMAC (HASH MESSAGE AUTHENTICATION CODE):
CMAC (CIPHER BASED MESSAGE AUTHENTICATION CODE):
DIGITIAL SIGNATURE:

A digital signature is an authentication mechanism that enables the creator of a

message to attach a code that acts as a signature. Typically the signature is formed
by taking the hash of the message and encrypting the message with the creator’s
private key. The signature guarantees the source and integrity of the message.
The digital signature standard (DSS) is an NIST standard that uses the secure hash
algorithm (SHA)

Digital signature standard:

The National Institute of Standards and Technology (NIST) has published Federal
Information Processing Standard FIPS 186, known as the Digital Signature Standard
(DSS). The DSS makes use of the Secure Hash Algorithm (SHA) and presents a
new digital signature technique, the Digital Signature Algorithm (DSA).

The DSS Approach:

The DSS uses an algorithm that is designed to provide only the digital signature
function. Unlike RSA, it cannot be used for encryption or key exchange.
Nevertheless, it is a public-key technique
 Figure 13.3 contrasts the DSS approach for generating digital signatures to that used
with RSA.
In the RSA approach, the message to be signed is input to a hash function that
produces a secure hash code of fixed length. This hash code is then encrypted using
the sender’s private key to form the signature. Both the message and the signature
are then transmitted. The recipient takes the message and produces a hash code.
The recipient also decrypts the signature using the sender’s public key. If the
calculated hash code matches the decrypted signature, the signature is accepted as
valid. Because only the sender knows the private key, only the sender could have
produced a valid signature.
The DSS approach also makes use of a hash function. The hash code is provided
as input to a signature function along with a random number generated for this
particular signature. The signature function also depends on the sender’s private key
and a set of parameters known to a group of communicating principals. We can
consider this set to constitute a global public key .1 The result is a signature
consisting of two components, labelled s and r .

At the receiving end, the hash code of the incoming message is generated. This plus the
signature is input to a verification function. The verification function also depends on the
global public key as well as the sender’s public key , which is paired with the sender’s private
key. The output of the verification function is a value that is equal to the signature
component if the signature is valid. The signature function is such that only the sender, with
knowledge of the private key, could have produced the valid signature.
Scanned with CamScanner
Scanned with CamScanner
Scanned with CamScanner
Scanned with CamScanner