CSI3002- Applied

Cryptography and Network

Security

Dr. Iyappan Perumal

Assistant Professor Senior Grade 2
School of Computer Science & Engineering
VIT, Vellore.
 CSI3002- Applied Cryptography
and Network Security
 Module-1: Introduction to Cryptography
 Module-2: Symmetric Key Cryptography
 Module-3: Asymmetric Key Cryptography
 Module-4: Hash Functions and Authentication
 Module-5: Basic Applied Cryptography
 Module-6: Advanced Applied Cryptography
 Module-7: Web and Wireless Security
 Module 8: Recent trends
 CSI3002- Applied Cryptography
and Network Security
Text Books:
1. Stallings, William, “Cryptography and network security: principles
and practice”, 7th Edition, Pearson Publishers, 2017.
2. Behrouz A.Forouzan, “Cryptography & Network Security”, 6th
Edition, McGraw Hill Company, 2017.

Reference Books:
1. Kaufman, Perlman and Speciner, “Network Security: Private
Communication in a Public World”, 2nd edition, Pearson Publishers ,
2002.
2. Menezes, van Oorschot, and Vanstone, “The Handbook of Applied
Cryptography”, 20th Edition, WILEY, 2015.
3. H. Silverman, “A Friendly Introduction to Number Theory,” 4th
Edition, Boston: Pearson, 2012.
 Module 4: Hash Functions and
Authentication(4 Hours)
 Message Authentication Code(MAC)
 MD5
 Secure Hash algorithms(SHA)
 HMAC
 Digital Signature
 Digital Signature Standards(DSS)
Why Hash Functions and Authentication?
 Cryptography systems( Symmetric &
Asymmetric) that we have studied so far
provide Confidentiality but not Integrity.
 What is Message Integrity?
◦ Alice and Bob need to be sure that the contents
of the message are not modified during
transmission.
Why Hash Functions and Authentication?-
Example
 A person(Say “Alice”) may write a property will to
distribute his estate after death. The will does not
need to be encrypted. (Not Mandatory).
 After his death, anyone can examine the will, but
the integrity of the will needs to be preserved. The
Person(Alice) does not want the contents of the
will to be changed.

How to preserve the integrity here?

Why Hash Functions and Authentication?-
Example
 How to preserve the integrity here?
◦ One way to preserve the integrity of a document is
through the use of a fingerprint.
 Message and Message Digest
 The electronic equivalent of the document and
fingerprint pair is the message and digest pair.
 To preserve the integrity of a message, the
message is passed through an algorithm called a
cryptographic hash function.
 The function creates a compressed image of the
message that can be used like a fingerprint
Message Authentication
 Message Authentication is concerned with:
◦ Protecting the integrity of a message
◦ Validating identity of originator

◦ How to Check the Authenticity?? Need some

mechanism
Categories of Message Authentication
 Message Authentication- Assures that data
received are exactly as sent by sender(i.e
contains no modification, insertion, deletion,
or replay) and the identity of the sender is
valid.
 It is Done in three parts
◦ Message Encryption(Ciphertext act as
Authenticator)
◦ Message Authentication code( Function applied to
message with secret key that produces a fixed-
length value that serves as the authenticator)
◦ Hash Function(A function that maps a message of
any length into a fixed-length hash value, which
serves as the authenticator)
Message Encryption
 Symmetric Encryption

 Confidentiality and Authentication is

Preserved- No other party knows the key
Message Encryption
 Asymmetric Encryption- CASE 1

 Confidentiality is Achieved, But

Authentication is ??
Message Encryption
 Asymmetric Encryption – CASE 2

 Authentication is Achieved, But

Confidentiality is ??
Message Encryption
 Asymmetric Encryption- CASE 3

 Confidentiality and Authentication is

Preserved
Message Authentication Code(MAC)
 Message Authentication code( Function applied
to message with secret key that produces a
fixed-length value that serves as the
authenticator)
 It is represented as MAC = C(K, M)
 M = Input message
 C = MAC function
 K = Shared secret key
 MAC = Message authentication code
 Hacker
Message Authentication – Idea & Case 1 changes in
middle
haiasdf1234
killasdf1234
Hai

Kill
123
123

qwer7891

asdf1234

• Security of MAC depends on Hash Algorithm

• Authentication is Preserved, Confidentiality ??
 Message Authentication – Case 2

• Confidentiality & Authentication is Preserved

• Authentication tied to PlainText
 Message Authentication – Case 3

• Confidentiality & Authentication is Preserved

• Authentication tied to CipherText
Nested MAC
HASH FUNCTIONS – CASE 1
 Hash Function(A function that maps a message of
any length into a fixed-length hash value, which
serves as the authenticator) H(m)-> h
 Cryptographic hash functions such as HMAC and
SHA is used. Encrypted
Hash Code Compare

h
 h+M
M Hash
M h

h Decrypt

Hash Encrypt PUA

PRA
 Completely
HASH FUNCTIONS – CASE II encrypted

append

M M
M E D
M
h h h
h
K K
h
Hash E
Encrypted Hash Code h
D
KPRA
compare KPuA

h
Hash

Confidentiality & Authentication is Preserved

MAC/Hash Code- Both are Authenticators.
Also called as Message Digest..
HMAC- Hash Based Message Authentication Code
SENDER RECEIVER
00110110(36 IN HEXADECIMAL) repeated b/8 times

1024 BITS
1024 BITS 1024 BITS

Secret 512 bits

512 bits
Key
Message
1024 BITS

SHA 512

01011100(5C IN HEXADECIMAL) repeated b/8 times

HMAC(K,M) = H( (K+⊕opad) || H( (K+ ⊕ ipad)|| M) )
Secure Hash Algorithm – SHA 512
Message Digest
 Several Hash Algorithms MD2, MD4, MD5
 MD5- Divides the message into blocks of
512 bits and creates a 128-bit digest
 SHA – Based on MD5
 SHA1, SHA224,SHA256, SHA 384, SHA 512