Building the Big Message Authentication Code


Dale R. Thompson, Ph.D., P.E.
Brad Maxwell
July 20, 2004
University of Arkansas

Long-term Message Authentication

- Financial: bank transactions, credit card, house purchase
- Legal documents: patents, contracts
- Evidence: digital photographs, digital video

Mean time to find collision with a custom $14 million machine:

| # bits | Year 2003 | Year 2024 |
|---|---|---|
| 128 | 6 hours | 1 second |
| 160 | 46 hours | 1 day |
| 192 | 3.0 x 10^6 years | 180 years |
| 256 | 1.3 x 10^16 years | 7.9 x 10^11 years |
| 320 | 5.5 x 10^25 years | 3.4 x 10^21 years |

Background Definitions

- Hash or message digest: a function that maps an arbitrary string to a smaller fixed-length string.
- MAC: a one-way function or message digest that is seeded with a shared secret value between two parties. Authenticity can only be verified between the two parties.
- Collision: when two different strings map to the same hash or MAC.

BigMAC Ideas

- Composite hash
  - Consists of 2 or more hashes concatenated together
  - If you break one hash, you get caught by another
  - Use hashes to cover each other's weaknesses
- The BigMAC implementation uses
  - Uncompressed data stream
  - Compressed data stream
  - Blocks
    - Process the data stream in blocks with a hash function and then process the hashes of the blocks with a second hash function
    - Primary of primary, primary of secondary

[Figure: BigMAC structure]

[Figure: Distributions of Collisions on the BigMAC]

BigMAC Tests

- Adler32 does not perform well compared to CRC
- Researched Universal Hashing
  - Uses a family of CRC functions
  - Picks 2 functions and uses them to create a composite hash
- Tested BigMAC using two CRC functions
  - With different initial vector and same polynomial
  - With same initial vector and different polynomial

[Figure: Distributions of collisions replacing Adler with CRC]

Distribution of Collision Results

- Compression reduces the data set, thus the CRC functions perform slightly worse on compressed data.
- Blocking is a hash of hashes, which is a hash of a more uniform distribution of data.

Applied CRC Attack

- Previously published
  - Replaced one byte and changed 4 additional bytes to maintain the same CRC. See http://csce.uark.edu/~drt/pubs.htm for details.
- Same polynomial with different initial vectors
  - Created collision for both CRC functions.
  - Since the CRCs are cyclic, changing the initial vector just changes the starting point of the cycle.
  - The reversing CRC attack does not require the initial vector to be known, only the polynomial.
- Different polynomials with same initial vectors
  - Created collision for only one CRC function, but not the other.
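The check below is an added example, not code from the presentation: it reproduces the two test configurations on a small scale so a designer can confirm whether a composite of two CRCs actually gains anything from its second component. The presentation does not state which CRC width, polynomials or initial vectors were used, so the 16-bit parameters here (0x1021, 0x8005, 0xFFFF, 0x1D0F) and the 3-byte message length are assumptions chosen for illustration.

```python
# Added example: CRC-16 parameters below are illustrative assumptions.
POLY_A, POLY_B = 0x1021, 0x8005      # two different generator polynomials
INIT_1, INIT_2 = 0xFFFF, 0x1D0F      # two different initial vectors


def crc16(data: bytes, poly: int, init: int) -> int:
    """Bitwise MSB-first CRC-16 with no reflection and no final XOR."""
    reg = init
    for byte in data:
        reg ^= byte << 8
        for _ in range(8):
            reg <<= 1
            if reg & 0x10000:
                reg ^= poly | 0x10000   # subtract the generator (clears bit 16)
    return reg


def composite(data: bytes, specs) -> tuple:
    """Composite tag: one CRC per (poly, init) pair, concatenated as a tuple."""
    return tuple(crc16(data, poly, init) for poly, init in specs)


def find_collision(poly: int, init: int, length: int = 3):
    """Enumerate fixed-length messages until two share a CRC under (poly, init)."""
    seen = {}
    for n in range(1 << (8 * length)):
        msg = n.to_bytes(length, "big")
        tag = crc16(msg, poly, init)
        if tag in seen:
            return seen[tag], msg
        seen[tag] = msg
    raise ValueError("no collision found")


def evaluate():
    """Return (collides with same poly, collides with different poly)."""
    a, b = find_collision(POLY_A, INIT_1)
    same_poly = [(POLY_A, INIT_1), (POLY_A, INIT_2)]
    diff_poly = [(POLY_A, INIT_1), (POLY_B, INIT_1)]
    return (composite(a, same_poly) == composite(b, same_poly),
            composite(a, diff_poly) == composite(b, diff_poly))


if __name__ == "__main__":
    print(evaluate())
```

`evaluate()` returns `(True, False)`: a pair that collides under one polynomial still collides when only the initial vector changes, because the CRC of equal-length messages is affine in the initial vector, while the second CRC catches the pair once it uses a different generating polynomial.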

Conclusions

- The BigMAC
  - Designed to thwart common attacks over an extended period of time
  - Composed of multiple hashes concatenated together
  - Size can easily be increased without redesigning the algorithm
- CRC
  - Must add k zeros to prevent simple forgery
  - If multiple CRC functions are used, they should have different generating polynomials.

Contact Information

Dale R. Thompson, Ph.D., P.E.
311 Engineering Hall
Fayetteville, Arkansas 72701
E-mail: d.r.thompson@ieee.org
WWW: http://csce.uark.edu/~drt

J. Brad Maxwell
1515 Red Tip Dr. #8
Fayetteville, Arkansas 72704
Email: jbmaxwe@yahoo.com