A Case for a Parallelizable Hash Alan Kaminsky and Stanislaw Radziszowski Department of Computer Science B. Thomas Golisano College of Computing and Information.

Presentation transcript:

A Case for a Parallelizable Hash Alan Kaminsky and Stanislaw Radziszowski Department of Computer Science B. Thomas Golisano College of Computing and Information Sciences Rochester Institute of Technology Rochester, NY, USA

Page 2: Agenda
● One-Way Hash Functions
● Use Cases for Hash Functions
● Motivation for Parallelizable Hash Functions
● The PHASH Hash Function Design Concept
● Security of PHASH
● Performance of PHASH
● Conclusion

Page 3: One-Way Hash Functions
● MD5
● SHA-1
● SHA-224, SHA-256, SHA-384, SHA-512
● SHA-3 — NIST competition underway
● Security properties:
  ● Preimage resistant — Given H(M), it is hard to find M
  ● Second preimage resistant — Given M_1, it is hard to find M_2 such that H(M_1) = H(M_2)
  ● Collision resistant — It is hard to find M_1 and M_2 such that H(M_1) = H(M_2)

Page 4: One-Way Hash Functions
● Used for: Integrity

Page 5: One-Way Hash Functions
● Used for: Authentication, in a message authentication code (MAC)

Page 6: One-Way Hash Functions
● Used for: Authentication, in a digital signature

Page 7: Use Cases for Hash Functions
Hashes of very large inputs:
● A DRM system hashes a two-hour high resolution movie to detect piracy
● A laboratory hashes a massive protein sequence database and adds a digital signature
● A user hashes the entire file system while backing it up
● Police hash an image of an entire hard disk that was seized for a criminal investigation
Hashes at very high speeds:
● Packets are hashed on the fly in hardware as they traverse a fiber network

Page 8: Motivation for Parallelizable Hash Functions
● All present hash functions use the Merkle-Damgård construction
● Must be computed sequentially

Page 9: Motivation for Parallelizable Hash Functions
● A disaster in the making
● Takes too long
● Can’t take advantage of the latest multicore CPUs

Page 10: Motivation for Parallelizable Hash Functions
● Solution: Parallelizable hash function

Page 11: The PHASH Hash Function Design Concept
● Compression function based on a block cipher
● U = Uncompressed data block
● I = Block number (counter)
● E = Block cipher encryption function
● C(U,I) = Compressed output

Page 12: The PHASH Hash Function Design Concept
● Examples of block ciphers PHASH can use:
  Cipher      K (bits)    B (bits)
  Rijndael
  W
  M
● Rijndael — 128-bit version standardized as AES
● W — Whirlpool hash function’s block cipher
● M — Maelstrom-0 hash function’s block cipher

Page 13: The PHASH Hash Function Design Concept
● The PHASH computation:
  ● Append padding and message length (Merkle-Damgård strengthening)
  ● Break input into uncompressed blocks
  ● Compress each block together with its own index
  ● XOR together every 128 compressed blocks
  ● Replace input with XORed blocks
  ● Repeat until only one block remains
  ● Do one final compression
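The computation listed on this slide, as an added Python sketch that is not from the presentation or the PHASH authors' code. The block-cipher compression C(U,I) is replaced by SHA-256 over counter || block as a stand-in; the 64-byte block size, the padding layout, the zero fill between levels and restarting the counter at each level are assumptions. The `use_index=False` variant shows why each block is compressed with its own index: with the counter fixed, swapping two blocks leaves the XOR, and therefore the digest, unchanged.

```python
import hashlib
from concurrent.futures import ThreadPoolExecutor

BLOCK = 64    # assumed size of an uncompressed block U, in bytes
OUT = 32      # output size of the stand-in compression function, in bytes
GROUP = 128   # compressed blocks XORed together per group (from the slide)

def compress(block: bytes, index: int) -> bytes:
    """Stand-in for C(U, I): SHA-256 over counter || block, not a block cipher."""
    return hashlib.sha256(index.to_bytes(16, "big") + block).digest()

def xor_all(blocks) -> bytes:
    acc = 0
    for b in blocks:
        acc ^= int.from_bytes(b, "big")
    return acc.to_bytes(OUT, "big")

def pad(msg: bytes) -> bytes:
    """Assumed padding: 0x80, zeros, then the 128-bit message length in bits."""
    zeros = -(len(msg) + 1 + 16) % BLOCK
    return msg + b"\x80" + b"\x00" * zeros + (8 * len(msg)).to_bytes(16, "big")

def phash_sketch(msg: bytes, workers: int = 1, use_index: bool = True) -> bytes:
    data = pad(msg)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        while len(data) > BLOCK:
            blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
            # use_index=False is the deliberately weakened variant (counter fixed at 0)
            idx = range(len(blocks)) if use_index else [0] * len(blocks)
            # Each block is compressed independently of the others, so the
            # work can be handed to any number of workers in any order.
            comp = list(pool.map(compress, blocks, idx))
            groups = [xor_all(comp[i:i + GROUP]) for i in range(0, len(comp), GROUP)]
            data = b"".join(groups)
            data += b"\x00" * (-len(data) % BLOCK)  # assumed zero fill between levels
    return compress(data, 0)  # final compression of the one remaining block

def demo() -> dict:
    a, b = b"A" * BLOCK, b"B" * BLOCK   # constructed sample blocks
    big = bytes(range(256)) * 400       # constructed 102,400-byte message
    weak = lambda m: phash_sketch(m, use_index=False)
    return {
        "parallel_matches_sequential": phash_sketch(big, 1) == phash_sketch(big, 4),
        "swap_collides_without_index": weak(a + b) == weak(b + a),
        "swap_collides_with_index": phash_sketch(a + b) == phash_sketch(b + a),
    }

if __name__ == "__main__":
    print(demo())
```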

Page 14: Security of PHASH
● A preimage can be found by inverting the block cipher encryption function — Block ciphers are designed to withstand such attacks
● A preimage can be found with high probability if too many blocks are XORed together (XHASH attack) — Re-encrypting after XORing every 128 blocks foils this attack
● Finding a second preimage or a collision can be done in 2^N operations (N = counter size) — Counter size can be used to tune the security level
● Length extension attack requires inverting the block cipher encryption function — The final output is always the result of an encryption

Page 15: Performance of PHASH
● Three 512-bit hash functions were implemented on a Xilinx Virtex-5 LX330 FPGA:
  ● SHA-512
  ● Whirlpool
  ● PHASH with the W block cipher and a 128-bit counter
● Sequential performance:
  Hash Function    Throughput (Gbps)
  SHA
  Whirlpool        7.7
  PHASH            15.1

Page 16: Performance of PHASH
● PHASH parallel performance on the Xilinx Virtex-5 LX330 FPGA:
  Number of cores    Throughput (Gbps)    Speedup

Page 17: Conclusion
● Parallelizable hash functions are necessary
● Parallelizable hash functions are doable
● SHA-3 should be parallelizable