ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

Slides:



Advertisements
Similar presentations
Hashes and Message Digests
Advertisements

Lecture 5: Cryptographic Hashes
Lecture 7 Overview. Advanced Encryption Standard 10, 12, 14 rounds for 128, 192, 256 bit keys – Regular Rounds (9, 11, 13) – Final Round is different.
“Advanced Encryption Standard” & “Modes of Operation”
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
PIITMadhumita Chatterjee Security 1 Hashes and Message Digests.
1 Chapter 5 Hashes and Message Digests Instructor: 孫宏民 Room: EECS 6402, Tel: , Fax :
Hash and MAC Algorithms
Hash functions a hash function produces a fingerprint of some file/message/data h = H(M)  condenses a variable-length message M  to a fixed-sized fingerprint.
Hashes and Message Digest Hash is also called message digest One-way function: d=h(m) but no h’(d)=m –Cannot find the message given a digest Cannot find.
Cryptography and Network Security Hash Algorithms.
Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.
Information Security and Management 11
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
1 Pertemuan 09 Hash and Message Digest Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
Lecture 13 Message Signing
Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown/Mod. & S. Kondakci.
Hashing (Message Digest) Hello There.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
1 Cryptography and Network Security (Various Hash Algorithms) Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Changed by Somesh Jha)
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Lecture 2: Message Authentication Anish Arora CSE5473 Introduction to Network Security.
Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.
Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
Message Authentication Code July Message Authentication Problem  Message Authentication is concerned with:  protecting the integrity of a message.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Lecture 4.1: Hash Functions, and Message Authentication Codes CS 436/636/736 Spring 2015 Nitesh Saxena.
1 Hashes and Message Digests. 2 Hash Also known as –Message digest –One-way function Function: input message -> output One-way: d=h(m), but not h’(d)
Hashing Algorithms: Basic Concepts and SHA-2 CSCI 5857: Encoding and Encryption.
Hash and MAC Functions CS427 – Computer Security
1 Network Security Lecture 5 Hashes and Message Digests Waleed Ejaz
Hash and Mac Algorithms. Contents Hash Functions Secure Hash Algorithm HMAC.
CSCE 815 Network Security Lecture 8 SHA Operation and Kerberos.
Chapter 4 Message Authentication MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Chapter 18: One-Way Hash Functions Based on Schneier.
Hash Algorithms see similarities in the evolution of hash functions & block ciphers –increasing power of brute-force attacks –leading to evolution in algorithms.
Lecture 2: Introduction to Cryptography
Chapter 11 Message Authentication and Hash Functions.
Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptographic Hash Functions Prepared by Dr. Lamiaa Elshenawy
Cryptography and Network Security (CS435) Part Nine (Message Authentication)
Hash Functions Ramki Thurimella. 2 What is a hash function? Also known as message digest or fingerprint Compression: A function that maps arbitrarily.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.3 Hash Functions.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 10 September 21, 2004.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC.
Information Security and Management 11. Cryptographic Hash Functions Chih-Hung Wang Fall
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
Message Authentication Codes CSCI 5857: Encoding and Encryption.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 13.Message Authentication.
@Yuan Xue 285: Network Security CS 285 Network Security Hash Algorithm Yuan Xue Fall 2012.
Chapter 12 – Hash Algorithms
MD5 A Hash Algorithm….
ICS 454 Principles of Cryptography
ICS 454 Principles of Cryptography
Lecture 4.1: Hash Functions, and Message Authentication Codes
Presentation transcript:

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall

Hashes and Message Digests What hashes can do MD2 MD4, MD5, SHA-1 HMAC 2

Hash Functions Aka: message digests, one-way transformations Take a message m of arbitrary length (transformed into a string of bits) and computes from it a fixed-length (short) number h(m) Properties: - easy-to-compute: for any message m, it is relatively easy to compute h(m) - non-reversible: given h(m), there is no way to find an m that hashes to h(m) except trying all possibilities of m - computationally infeasible to find m and m’ such that h(m)=h(m’) and m!=m’ 3

Notion of Randomness Any particular bit in the outputs should have 50% chance to be on Each output should have about half the bits on, w.h.p Any two outputs should be completely uncorrelated, no matter how similar the inputs are 4

General Structure 5 Repeated use of a compression function, f, that takes two inputs (the chaining variable and input block), and produces an n-bit output

Birthday Paradox 6 If there are 23 or more people in a room, there is better than 50% chance that two of them will have the same birthday Assume n inputs (number of people) and k possible outputs (365 days) If n > k 1/2, there is a good chance of finding a matching pair Exact math on board…

Length of Digest 7 If the length of the digest is n-bit long: It takes O(2 n ) to find a message with a given digest It takes O(2 n/2 ) to find two messages with the same digest (the length of digest should be sufficient to resist this attack)

Length of Digest (Cont’d) 8 Due to birthday attack, the length of the digest in general should be twice the length of the key in block ciphers For example, SHA-256, SHA-384, and SHA-512 to match the key lengths 128, 192, and 256 in AES

What Hashes Can Do 9 Authentication Integrity check (MAC) Encryption

Authentication 10 Authentication with SKC (previous example) Authentication with message digest

Message Authentication Code (MAC) 11 MD (K AB |m): only those knowing the secret K AB can compute/verify the MAC (Problem?) Solutions?

MAC: Problem With Keyed Hash 12 Keyed hash: h(key|m) An attacker gets m and h(key|m) First pads m according to the used hash function, and then adds another message m’ at the end, the result is m|pad|m’ h(key|m|pad|m’) can be calculated from h(key|m|pad) which is the intermediate digest

MAC: Solutions 13 Use h(m|key) Use only half the bits of h(key|m) Use h(key|m|key) HMAC

HMAC 14

Encryption: Replacing SKC with Hash 15 Generate one-time pad: (similar to OFB) b 1 = MD(K AB |IV), b 2 = MD(K AB |b 1 ), b 3 = MD(K AB |b 2 ), … XOR the message with the one-time pad bit sequence (Problem with one-time pad? Recall OFB) Mixing in the plaintext: (similar to CFB) b 1 = MD(K AB |IV), c 1 = m 1 XOR b 1, b 2 = MD(K AB |c 1 ), c 2 = m 2 XOR b 2, b 3 = MD(K AB |c 2 ), …c 3 = m 3 XOR b 3, …

Replacing Hash with SKC 16 Unix password hash: password is converted into a secret key, which is input into DES to encrypt the constant 0, producing a hashed password Hashing large messages: (Problem? Solution?)

Replacing Hash with SKC- Improved 17 Problem still? And solution?

MD2, MD4, MD5, SHA-1 18 Message digest (MD), designed by Ron Rivest MD2: 1989, operates on 8-bit octets MD4: 1990, operates on 32-bit words MD5: 1991, operates on 32-bit words Secure hash algorithm (SHA), proposed by NIST SHA-1: 1995, operates on 32-bit words

MD2 19 Input: arbitrary number of octets Output: 128-bit message digest Step 1: Pad the message to be a multiple of 16 octets Step 2: Append a 16-octet checksum to the message Step 3: Process the message, 16 octets at a time, to produce the message digest

Step 1: Padding octets of padding are added if the message is initially a multiple of 16 octets Otherwise, r octets of padding are added to make the message a multiple of 16 octets

Step 2: Checksum Computation 21 Checksum: 16-octet quantity, appended to the message m m|checksum is processed by MD2 to obtain the actual message digest

 Substitution Table 22

Final Pass: Producing Digest 23

MD4, MD5, SHA-1 Input: arbitrary number of bits Output: 128 bits for MD4 and MD5, 160 bits for SHA-1 Step 1: Pad the message to be a multiple of 512 bits (16 words, 64 octets) Step 2: Process the message, 512 bits at a time, to produce the message digest 24

Step 1: Padding 25 Padding for MD4, MD5, SHA-1

Step 2: Producing Message Digest 26 Overview of MD4, MD5, SHA-1

SHA-1 27 Inner Loop of SHA-1: 80 Iterations per block Initially (in hex): A= , B=efcdab89, C=98badcfe, D= , E=c3d2e1f0

SHA-1 (Cont’d) 28 Update: For t=0 through 79 (each of the 80 iterations) In total: needs 80*(# of message blocks) iterations A|B|C|D|E from the last iteration is the message digest

SHA-1 vs. MD5 29 SHA-1 has 160-bit digest and MD5 128-bit, making SHA-1 more secure against brute-force SHA-1 involves more stages and bigger buffer, and thus executes more slowly than MD5 MD5 is considered broken in 2004 SHA-1 is considered broken in 2005 SHA-2: four digest sizes 224, 256, 384, 512 bits

Reading Assignments [Kaufman] Chapter 5 30

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.