Theory of Computation II Topic presented by: Alberto Aguilar Gonzalez.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Lecture 5: Cryptographic Hashes
Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Digital Signatures and Hash Functions. Digital Signatures.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
PIITMadhumita Chatterjee Security 1 Hashes and Message Digests.
1 Chapter 5 Hashes and Message Digests Instructor: 孫宏民 Room: EECS 6402, Tel: , Fax :
Hash functions a hash function produces a fingerprint of some file/message/data h = H(M)  condenses a variable-length message M  to a fixed-sized fingerprint.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.
Announcements: 1. HW6 due now 2. HW7 posted Questions? This week: Discrete Logs, Diffie-Hellman, ElGamal Discrete Logs, Diffie-Hellman, ElGamal Hash Functions.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown/Mod. & S. Kondakci.
CS526Topic 5: Hash Functions and Message Authentication 1 Computer Security CS 526 Topic 5 Cryptography: Cryptographic Hash Functions And Message Authentication.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 4 Data Authentication Part II.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 21 “Public-Key Cryptography.
Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.
Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
1 Chapter 11: Message Authentication and Hash Functions Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,
Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Fall 2002CS 395: Computer Security1 Chapter 11: Message Authentication and Hash Functions.
Chapter 21 Public-Key Cryptography and Message Authentication.
CSCI 172/283 Fall 2010 Hash Functions, HMACs, and Digital Signatures.
11.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 11 Message Integrity and Message Authentication.
1 Hash Functions. 2 A hash function h takes as input a message of arbitrary length and produces as output a message digest of fixed length
1 Number Theory and Advanced Cryptography 6. Digital Signature Chih-Hung Wang Sept Part I: Introduction to Number Theory Part II: Advanced Cryptography.
Cryptographic Hash Functions and Protocol Analysis
Lecture 2: Introduction to Cryptography
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Modern Cryptography.
Section 3: Public Key, Digital Signature
Chapter 11 Message Authentication and Hash Functions.
MESSAGE AUTHENTICATION and HASH FUNCTIONS - Chapter 11 MESSAGE AUTHENTICATION and HASH FUNCTIONS - Chapter 11 Masquerade – message insertion, fraud, ACK.
Cryptographic Hash Functions Prepared by Dr. Lamiaa Elshenawy
Cryptography and Network Security (CS435) Part Nine (Message Authentication)
Hash Functions Ramki Thurimella. 2 What is a hash function? Also known as message digest or fingerprint Compression: A function that maps arbitrarily.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.3 Hash Functions.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 11 September 23, 2004.
CS426Fall 2010/Lecture 51 Computer Security CS 426 Lecture 5 Cryptography: Cryptographic Hash Function.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC.
Information Security and Management 11. Cryptographic Hash Functions Chih-Hung Wang Fall
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
Lecture 9 Overview. RSA Invented by Cocks (GCHQ), independently, by Rivest, Shamir and Adleman (MIT) Two keys e and d used for Encryption and Decryption.
1 Message Authentication using Message Digests and the MD5 Algorithm Message authentication is important where undetected manipulation of messages can.
CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 13.Message Authentication.
Data Integrity / Data Authentication. Definition Authentication (Signature) algorithm - A Verification algorithm - V Authentication key – k Verification.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Chapter 12 – Hash Algorithms
Cryptographic Hash Functions
Cryptographic Hash Function
Cryptographic Hash Functions
ICS 454 Principles of Cryptography
ICS 454 Principles of Cryptography
Hashing Hash are the auxiliary values that are used in cryptography.
Presentation transcript:

Theory of Computation II Topic presented by: Alberto Aguilar Gonzalez

Problem You are designing a banking application that will be accessed by thousands of users. Security of passwords is a key factor.  Protect from people outside and inside the organization How do you store passwords in the database?

One Approach Encrypt passwords using a key. When the information is needed, decrypt it using same key! Example (very simple):  Given a character, encrypt it by replacing it with other. What is the idea? CharacterASCII CODEEncrypted A B IDEA: “hi” = decrypt(encrypt(“hi”))

What is the problem with this approach? If someone accesses this database and knows the key (even people from IT or support), all passwords would be revealed! UserPwd (encrypted using a key) aagui003bbhrt aaoni001jhlkhj

A better approach One-way hash functions (The talk is about this) ONE WAY

One way function A function y = f(x) is one way if it is easy to compute y from x but “hard” to compute x from y However, nobody has proved that such function exist! A possible definition is:  f(x) can be obtained in polynomial time  f -1 (x) is NP-hard

An example of one-way functions Unique factorization Theorem: Every integer has a unique factorization as product of primes. Factoring Given two large prime numbers u, v, consider y = f(u, v) = u * v. It is polynomial time computable. However, given y, can we calculate u and v easily? NO

Hash function Map a message of variable length m to a fingerprint of fixed n bits, and m >= n Fundamental properties:  Compression  Easy to compute Can be used to detect changes since a modification (even a bit) would change the hash value.

One-way hash functions y = h(x) where  Given x, calculating h(x) is easy  Given y, calculating any x such that y=h(x) is hard, AND  y is fixed length independent of the size of x (a compression function is needed for large inputs) Input Output

Two questions Is it easy to come up with new one- way hash functions? What do we need to build such functions?  Easy to compute (in general, it is a public algorithm)  Hard to invert (2 n different output!)  Compression function  Collision resistant

Collision Given x 1, x 2, and a hash function h, a collision exists if h(x 1 ) = h(x 2 ) Is this possible?  YES, why?  It is a many-to-one function! The input domain is greater that the output domain. Therefore, good one-way hash functions should be collision resistant! Collision resistant?

The Birthday paradox Consider the probability Q 1 (n, d) that no two people out of a group of n will have matching birthdays out of d equally possible birthdays. In general, let Q i (n, d) denote the probability that a birthday is shared by i people out of a group of n people, then the probability that a birthday is shared by k or more people. Probabilty that two do have same birthday

…birthday paradox An approximation for the minimum number of people needed to get chance that two have a match within k days out of d possible is given by: How many people do we need in this classroom for a chance? (Sevast'yanov 1972, Diaconis and Mosteller 1989). What about OWHFs?

Birthday attacks for OWHFs Given y = h(x), where y is length-fixed of n bits, 2 n outputs can be obtained. Since x is of variable length, and |x| > |y| in some cases. h(x) is a many-to-one function! How many attempts are necessary so that h(x 1 )=h(x 2 ) (probability of success >= 0.5)?  Use the formula we just explained!  Let d = 2 n, and k = 0

To be collision resistant, how big should n be? 64-bits is now regarded as too small, proposed Output lengthn(d) 64 bits 128 bits 160 bits

General structure of OWHF’s arbitrary length input iterated compression function fixed length output optional transformation output Input Output

Details append padding bits append length block  g HiHi H 0 =IV xixi preprocessing HtHt H i-1 original input x formatted input x 1, x 2... x t iterated processing compression function f output h(x)=g(H t )

Two known OWHF’s MD5  From Ronald Rivest (the R from RSA) [1992]  Produce a 128-bit hash value  MD5 is widely used, however collisions were detected (Wang, 2004). SHA1  Designed by the National Institute of Standards and Technology (NIST), as an “upgrade” from MD5  Produces 160-bit hash values

Going back to our problem Save a pair  Now, if somebody (inside or outside) access passwords table each entry should be attacked individually! An authentication algorithm would look as follows: if MD5(passw_typed) == hash_of_passw CorrectPassword = true else CorrectPassword = false

Other uses Digital signatures  Antivirus  Software validation Used to store passwords in some Linux implementations

Thank you What is he talking about? mmm… Z Z z… Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.