MD5 ALGORITHM past and present. History Initial checking of integrity – checksums, then CRC These are only good at detecting lost information due to hardware.

Slides:

Advertisements

Similar presentations

Network Security: Lab#2 J. H. Wang Apr. 28, 2011.

Advertisements

SECURE HASHING ALGORITHM By: Ruth Betcher. Purpose: Authentication Not Encryption Authentication Requirements:  Masquerade – Insertion of message from.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Computer Security Set of slides 5 Dr Alexei Vernitski.

Digital Signatures and Hash Functions. Digital Signatures.

MD Collision Sought Marian Ščerbák University of Pavol Jozef Šafárik Košice.

Some more on user- authentication. A web-page which requires that the user be logged-in Page is here:

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Module 4 Hash Functions Highline Community College Seattle University University of Washington in conjunction with the National Science Foundation.

Chapter 3 Encryption Algorithms & Systems (Part C)

Hashing (Message Digest) Hello There.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Chapter 31 Network Security

Public Key Cryptography July Topics  Symmetric and Asymmetric Cryptography  Public Key Cryptography  Digital Signatures  Digital Certificates.

DNSSEC Cryptography Review Track 2 Workshop July 3, 2010 American Samoa Hervey Allen.

Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.

Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.

Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.

Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.

Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.

1 Chapter 11: Message Authentication and Hash Functions Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.

Bit Cipher 1. Example of bit Cipher 2 Practical Stream Cipher 3.

Hashing Algorithms: Basic Concepts and SHA-2 CSCI 5857: Encoding and Encryption.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 50 Cryptography, Privacy, and Digital Certificates.

Brand-New Hash Function   BeeM A. Satoh SCIS2006 SHA-1 Broken! Prof. Xiaoyun Wang.

23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.

Theory of Computation II Topic presented by: Alberto Aguilar Gonzalez.

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

1 Network Security Lecture 5 Hashes and Message Digests Waleed Ejaz

Cryptography Chapter 7 Part 3 Pages 812 to 833. Symmetric Cryptography Security Services – Only confidentiality, not authentication or non- repudiation.

Public / Private Keys was a big year… DES: Adopted as an encryption standard by the US government. It was an open standard. The NSA calls it “One.

Public Key Encryption.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Modern Cryptography.

Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Week 4 - Friday.  What did we talk about last time?  Snow day  But you should have read about  Key management.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Cryptographic Hash Functions Prepared by Dr. Lamiaa Elshenawy

Cryptography and Network Security (CS435) Part Nine (Message Authentication)

CS426Fall 2010/Lecture 51 Computer Security CS 426 Lecture 5 Cryptography: Cryptographic Hash Function.

MD5 & Hash Encryption By Alex Buzak. Overview Purpose of MD5 and Hash Encryptions Examples MD5 Algorithm Explanation of Possible Security Risks Practical.

Network Security Celia Li Computer Science and Engineering York University.

IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.

 Encryption provides confidentiality  Information is unreadable to anyone without knowledge of the key  Hashing provides integrity  Verify the integrity.

ENGR 101 Compression and Encryption. Todays Lecture  Encryption  Symmetric Ciphers  Public Key Cryptography  Hashing.

Cryptography Hyunsung Kim, PhD University of Malawi, Chancellor College Kyungil University February, 2016.

Hervey Allen Phil Regnauld 15 June 2009 Papeete, French Polynesia DNSSEC Tutorial: Public / Private.

Computer Communication & Networks

Cryptographic Hash Functions

CSCE 715: Network Systems Security

Cryptographic Hash Functions

MD5 A Hash Algorithm….

<ELLIIT Project Name>

MSIT 543 Cryptography Concepts and Techniques Hashes

Poster Title Heading Heading Heading Heading Heading Heading

Hashing Hash are the auxiliary values that are used in cryptography.

目录 The quick brown fox. 目录 The quick brown fox.

Presentation transcript:

MD5 ALGORITHM past and present

History Initial checking of integrity – checksums, then CRC These are only good at detecting lost information due to hardware or transmission errors

History The checksum has no real protection of data integrity Easily circumvented or reverse- engineered

Potential Attack A wants to obtain privileges from B A generates two messages with the same hash values A presents an innocent message to B for his digital signature A applies the signature to the other malicious message with the same hash

Cryptography The solution lay in one-way hashing algorithms These should keep two messages from colliding (having the same hash) They should also be sufficiently difficult to reverse-engineer

Cryptography MD5 represents the fifth iteration designed by Ronald Rivest (RSA) Others from other authors include Whirlpool and SHA MD5 is open-source and released under the GPL MD5 is optimized for use on 32-bit computers

MD5 Hashing MD5("The quick brown fox jumps over the lazy dog") = 9e107d9d372bb6826bd81d3542a419d6 MD5("The quick brown fox jumps over the lazy cog") = 1055d3e698d289f2af bd4b MD5("") = d41d8cd98f00b204e ecf8427e

Modern Flaws MD5 uses a short 128-bit hash MD5 has become a popular hashing tool through PHP PASSWORD HASHING Rivest says his algorithm was never designed for this usage Long messages that need an integrity check before encryption

MD5 Flaws Rainbow tables for passwords COLLISIONS!

MD5 Collisions 2004 Wang et. al delivered an algorithm that could produce collisions in a few hours on an IBM p690 cluster Algorithm was improved by Lenstra et. al in 2005 to a few hours on a single laptop

Final thoughts A digest algorithm does not provide integrity if collisions are so simple to produce SHA or Whirlpool should be considered until a replacement for MD5 can be found