Hash Techniques in Cryptography
HASH TECHNIQUES IN CRYPTOGRAPHY
HASH FUNCTION

 Hash is the method which is used to compress the string.
     Message (variable size) -> Hash -> Digest (fixed size)
 E.g. H: {0,1}* -> {0,1}^n, where n is a positive integer
 The input is called 'message' and the output is 'digest'.
 Why do we use this?
 A crypto hash function must provide:
   Compression - output length is small and fixed.
   Efficiency - H(x) is easy to compute for any x.
   The digest hides the possible string of the message.
PROPERTIES
   One-way / preimage resistance –
       given a value y, it is infeasible to find an x such that h(x) = y
   Weak collision resistance / second preimage resistance –
       given x and h(x), it is infeasible to find y ≠ x such that h(y) = h(x)
   Strong collision resistance –
       it is infeasible to find any x and y, with x ≠ y, such that h(x) = h(y)

 Many collisions exist, but one cannot find any.
SIMPLE HASH FUNCTIONS

 There are several proposals for simple functions
   based on XOR of message blocks
   not secure, since one can manipulate any message and
    either not change the hash or change the hash as well
 A stronger cryptographic function is needed
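The weakness of an XOR-of-blocks hash, as an added example that is not part of the original slides. The 8-byte block size, the zero padding and the sample message are constructed for illustration; SHA-256 is shown only for contrast.

```python
import hashlib
from functools import reduce

BLOCK = 8  # block size in bytes (assumption made for this example)

def blocks(msg: bytes) -> list[bytes]:
    """Zero-pad to a multiple of BLOCK and split into blocks."""
    padded = msg + b"\x00" * (-len(msg) % BLOCK)
    return [padded[i:i + BLOCK] for i in range(0, len(padded), BLOCK)]

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def xor_hash(msg: bytes) -> bytes:
    """Digest = XOR of all message blocks."""
    return reduce(xor_bytes, blocks(msg), bytes(BLOCK))

def sha256_hex(msg: bytes) -> str:
    return hashlib.sha256(msg).hexdigest()

def reorder(msg: bytes) -> bytes:
    """Swap the first two blocks: the message changes, the XOR digest does not."""
    b = blocks(msg)
    b[0], b[1] = b[1], b[0]
    return b"".join(b)

def compensate(msg: bytes, new_first: bytes) -> bytes:
    """Replace block 0, then append one block that cancels the change."""
    b = blocks(msg)
    fix = xor_bytes(b[0], new_first)
    return b"".join([new_first] + b[1:] + [fix])

# Constructed sample message: 24 bytes = 3 blocks.
ORIGINAL = b"PAY 0100 TO BOB ACCT 42 "
SWAPPED = reorder(ORIGINAL)
MODIFIED = compensate(ORIGINAL, b"PAY 9900")

if __name__ == "__main__":
    for name, m in [("original", ORIGINAL), ("swapped", SWAPPED), ("modified", MODIFIED)]:
        print(f"{name:9} xor={xor_hash(m).hex()} sha256={sha256_hex(m)[:16]}...")
```

All three messages share one XOR digest, while their SHA-256 digests differ.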
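MERKLE-DAMGARD
Merkle-Damgard iteration:
1. Start from a “compression function”
       h: {0,1}^(b+n) -> {0,1}^n
   with |M| = b = 512 bits, c = 160 bits, and d = h(c, M) = 160 bits.

2. Iterate it over the message blocks M_1, M_2, …, M_{L-1}, M_L:
       IV = d_0
       d_1 = h(d_0, M_1)
       d_2 = h(d_1, M_2)
       …
       d_{L-1} = h(d_{L-2}, M_{L-1})
       d_L = h(d_{L-1}, M_L)
       d = H(M) = d_L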
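The iteration above with the slide's sizes (b = 512, n = 160), as an added example that is not part of the original slides. Assumptions: SHA-1 over c||M stands in for the compression function h, the IV is a constructed constant, and the padding (0x80, zeros, 64-bit bit length) follows the MD5/SHA-1 style, which the slide does not specify.

```python
import hashlib
import struct

B = 64                 # message block size in bytes (b = 512 bits)
N = 20                 # chaining value and digest size in bytes (160 bits)
IV = bytes(range(N))   # d_0: constructed constant for this example

def h(c: bytes, m: bytes) -> bytes:
    """Stand-in compression function {0,1}^(b+n) -> {0,1}^n (assumption)."""
    assert len(c) == N and len(m) == B
    return hashlib.sha1(c + m).digest()

def pad(msg: bytes) -> bytes:
    """Append 0x80, zero bytes, and the message length in bits as 64 bits."""
    zeros = -(len(msg) + 1 + 8) % B
    return msg + b"\x80" + b"\x00" * zeros + struct.pack(">Q", 8 * len(msg))

def chain(msg: bytes) -> list[bytes]:
    """Return [d_0, d_1, ..., d_L], where d_i = h(d_{i-1}, M_i)."""
    data = pad(msg)
    ds = [IV]
    for i in range(0, len(data), B):
        ds.append(h(ds[-1], data[i:i + B]))
    return ds

def H(msg: bytes) -> bytes:
    """H(M) = d_L, the last chaining value."""
    return chain(msg)[-1]

def first_divergence(m1: bytes, m2: bytes) -> int:
    """Index of the first chaining value that differs, or -1 if none does."""
    for i, (a, b) in enumerate(zip(chain(m1), chain(m2))):
        if a != b:
            return i
    return -1

if __name__ == "__main__":
    msg = bytes(150)                               # constructed input
    changed = msg[:100] + b"\x01" + msg[101:]      # flip one byte in M_2
    print("blocks:", len(chain(msg)) - 1)
    print("first differing d_i:", first_divergence(msg, changed))
    print("H(M)  =", H(msg).hex())
    print("H(M') =", H(changed).hex())
```

A change inside block M_2 leaves d_1 untouched and alters every chaining value from d_2 onward, which is why the final digest depends on every block.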
SECURITY REQUIREMENTS
 Ordered from stronger (top) to weaker (bottom):
   Deterministic hashing
     Attacker chooses M, d = H(M)
   Hashing with a random salt
     Attacker chooses M, then the good guy
      chooses a public salt, d = H(salt, M)
   Hashing random messages
     M random, d = H(M)
   Hashing with a secret key
     Attacker chooses M, d = H(key, M)

   Deterministic hashing
     Attacker cannot find M, M' such that H(M) = H(M')
     Hard to find fixed-points, near-collisions, M s.t. H(M)
      has low Hamming weight, etc.
   Hashing with random salt
     Attacker chooses M, then given a random
      salt, cannot find M' such that H(salt, M) = H(salt, M')
   Hashing random messages
     Given random M, attacker cannot find M'
      such that H(M) = H(M')
   Hashing with a secret key
     The mapping M -> H(key, M) for a secret key
      looks random to an attacker
SOME APPLICATIONS

 Signatures: sign(M) = RSA^-1( H(M) )
 Message authentication: tag = H(key, M)
 Commitment: commit(M) = H(M, …)
 Key derivation: AES-key = H(DH-value)

   Digital signatures
       Hash-then-sign paradigm
          First shorten the message, d = H(M)
          Then sign the digest, s = SIGN(d)
   Message authentication
     Sender and Receiver share a secret key
     Compute an authentication tag
          tag = MAC(key, M)
     Sender sends (M, tag)
     Receiver verifies that tag matches M
     Attacker cannot forge tags without the key
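The message-authentication exchange above with both sides shown, as an added example that is not part of the original slides. HMAC-SHA256 is this example's choice of MAC, and the key and messages are constructed; the unkeyed check is included to show why a plain digest sent with the message does not authenticate it.

```python
import hashlib
import hmac

def mac(key: bytes, message: bytes) -> bytes:
    """tag = MAC(key, M); HMAC-SHA256 is the MAC assumed here."""
    return hmac.new(key, message, hashlib.sha256).digest()

def sender(key: bytes, message: bytes) -> tuple[bytes, bytes]:
    """Sender sends (M, tag)."""
    return message, mac(key, message)

def receiver(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver recomputes the tag and compares in constant time."""
    return hmac.compare_digest(mac(key, message), tag)

def plain_digest(message: bytes) -> bytes:
    """Unkeyed digest d = H(M): anyone can compute it."""
    return hashlib.sha256(message).digest()

def unkeyed_receiver(message: bytes, digest: bytes) -> bool:
    """Integrity check without a key, shown for contrast."""
    return hmac.compare_digest(plain_digest(message), digest)

# Constructed demo values.
KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
M, TAG = sender(KEY, b"transfer 10 to alice")
TAMPERED = b"transfer 99 to alice"

if __name__ == "__main__":
    print("genuine (M, tag) accepted:      ", receiver(KEY, M, TAG))
    print("modified M, old tag accepted:   ", receiver(KEY, TAMPERED, TAG))
    print("modified M, tag from wrong key: ",
          receiver(KEY, TAMPERED, mac(b"not the key", TAMPERED)))
    print("modified M, recomputed H(M):    ",
          unkeyed_receiver(TAMPERED, plain_digest(TAMPERED)))
```

Only the last check succeeds for the modified message: without the key the tag cannot be recomputed, while an unkeyed digest can be recomputed by anyone who changes M.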
CAUSE
 Digest d = H(M) chosen uniformly for each M
   Digest d = H(M) has no correlation with M
   For distinct M_1, M_2, …, digests d_i = H(M_i) are
    completely uncorrelated to each other
 Cannot find collisions, or even near-collisions
 Cannot find M to “hit” a specific d
 Cannot find fixed-points (d = H(d))
COMPRESSION FUNCTION
 • Made from scratch: these compression functions are
   specifically designed for this purpose.
     Message Digest (MD)
     Secure Hash Algorithm (SHA)
 • Based on block ciphers: the function used is one
   designed for encryption.
     Rabin scheme (DES)
     Matyas-Meyer-Oseas scheme (AES)
     Miyaguchi-Preneel scheme (Whirlpool)
MD4

   Inputs: message M of 512 bits,
    i.e. m_0, m_1, …, m_15, each 32 bits.
   Register: A [a_0, a_1, a_2, …, a_47], updated using the updating
    rules.
   Bitwise Boolean functions:
       XOR(x,y,z)
       MAJ(x,y,z)
       IF(x,y,z)
MD4

   Algorithm:
       Message -> Padding -> Boolean function -> Updating rules -> Circular left shift
       Boolean function by step:
           0…15 use IF
           16…31 use MAJ
           31…47 use XOR

   MD5 functions:
     F(x,y,z) = IF(x,y,z)
     G(x,y,z) = (x AND y) OR (y AND (NOT z))
     H(x,y,z) = XOR(x,y,z)
     I(x,y,z) = y XOR (x OR (NOT z))
MD5

   Advantages:
     Speed - fastest cryptographic hash function.
     Convenience - nearly every platform has a
      built-in MD5 hash function.
   Disadvantages:
     Lack of security - MD5 can be broken relatively
      easily and is no longer suitable for use in secure
      systems. Use MD5 only as a checksum hash, like
      CRC.
     MD5 is also significantly slower than CRC.
SHA-512 ALGORITHM

   Augmented message: a multiple of 1024-bit blocks
   Each 1024-bit block is fed to a compression function together with a 512-bit value:
       Initial value (512 bits) -> Compression function -> 512 bits -> Compression function -> 512 bits -> … -> Compression function -> Message digest (512 bits)

   Advantages:
       User-secure. Safe from attack for probably a few
        decades.
   Disadvantages:
       Slowest hash function - for a system with a high
        transaction rate, these hash functions can take a
        significant toll on the CPU.
THANK YOU

Presented by Basudev Saha, M.Tech (I.T), University of Calcutta, Roll No-97/ITM/110009

Editor's Notes

  • #4 One-way hashes are used to verify something without necessarily giving away the original information, e.g. Unix stores hashes of passwords instead of the passwords themselves. When a user enters their password, the system computes its hash and compares it to the hashes listed in /etc/passwd. Since you can't run the hash function in reverse, the system knows that the password you entered is the right one. The crypt that Unix uses doesn't really reduce the size, but it is a similar idea. Hashes and digests like MD5 are an integral part of digital signatures.
  • #14 MAJ(x,y,z) = xy XOR xz XOR yz; IF(x,y,z) = xy XOR xz XOR z
  • #15 Updating rule: a_i = (a_{i-4} + f_i(a_{i-1}, a_{i-2}, a_{i-3}) + m_{w_i} + c_i) << s_i, 0 <= i <= 47
  • #17 Compression functions: majority function, conditional function, rotate function