Secure Hashing
Prepared by:
Sultan Almuhammadi
This lecture is based on:
Stallings, Cryptography and Network Security: Chapter 11
Outline
One-way functions
Secure Hash functions
Security Issues:
Man-in-the-middle attack
Birthday attack
Structure of Secure Hashing
SHA
Applications:
Definitions
Examples
One-way function
Multiplicative group Zp* with generator g
f(x) = g^x mod p
Trapdoor one-way function
Multiplicative group Zn* where n = p.q for large primes p, q
f (x) = ϕ(n)
The secret is: (p and q)
Hash Function
Hash Function Properties
Secure Hashing
Security Issues of Hash Functions
Birthday Attack:
Based on the Birthday Problem: choose n people at a party such that, on
average (with 50% probability), some pair of them has the same birthday.
Solution: n ≈ 1.18 √D, where D is the number of days (values).
For 366 days, we need n = 23 people (1.18 × √366 ≈ 22.57)
Effort Required for Brute-Force Attack:
On average, for an n-bit secure hash, the effort is proportional to:
General Structure of Secure Hashing
Secure Hash Algorithm (SHA)
MD4
MD5
Whirlpool
Whirlpool
Applications of Secure Hashing
Authentication
Blockchain
Merkle Trees
Modification Detection Code (MDC)
Message Authentication Code (MAC)
Digital Signature Standard (DSS)
Example: Authentication
Blockchain
Blockchain
Tamper-evident:
If Eve modifies data anywhere in the blockchain, the hash pointer in
the following block will be incorrect.
Storing the head of the list is sufficient to detect the tampering.
Merkle Trees
Data blocks are grouped in pairs and the hash of each of these
blocks is stored in a parent node, and so on, until we reach the
root node.
Merkle Trees
Proof of Membership
Proving that a data block is included in the tree only requires showing
the blocks on the path from that data block to the root.
Modification Detection Code (MDC)
Modification Detection Code (MDC)
Modification Detection Code (MDC)
Man-in-the-middle attack
Message Authentication
Message Authentication (with a secret)
Digital Signature