Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hashing (Message Digest). ............ ............ Hello There Hashing (Message Digest)

Published byLogan McDowell Modified over 8 years ago

Similar presentations

Presentation on theme: "Hashing (Message Digest). ............ ............ Hello There Hashing (Message Digest)"— Presentation transcript:

1 Hashing (Message Digest)

2 ............

3 ............ Hello There Hashing (Message Digest)

4 ............ What not Hashing (Message Digest)

5 Hash Function – One way Needed properties for cryptographically secure hash: 1. Computationally infeasible to find the message that has given the hash 2. Should be highly improbable for two messages to hash to the same number (and to find two messages with the same hash). Message substitution computationally feasible otherwise

6 Hash Function – One way Why worry about two messages with same hashes? Application: integrity check, message substitution is possible Example: possible to find two different messages that have opposite meanings. AA gets assigned to write an email firing employee that AA likes. Email will have hash integrity check. It will be checked by boss and then signed before being sent. I am writing {this memo} to {demand | request | inform you} that {Fred | Mr. Jones} {must} be {fired | terminated} {at once | immediately}. As the {July 11 | 11 July} {memo | memorandum} {from | issued by} {personnel | HR | Human Relations} states, to meet {our | the corporate} {quarterly | third quarter} budget {target | goal}, {we must.. I am writing {this letter | this memo | this memorandum | } to {officially} commend {Fred | Mr. Jones} for this {courage and independent thinking | independent thinking and courage}. {He | Fred | Mr. Jones} {clearly | } understands {the need | how} to get {the | his} job {done | accomplished} {at all costs | by whatever means necessary}, and {knows...

7 Hash Function – One way Appearance to a cracker: 1. Looking at output, any bit should be 1 about ½ the time 0010111...1...001110 2. Each output should have about ½ of its bits set to 1 3. Any two outputs should be uncorrelated no matter how similar the inputs are

8 Hash Function – One way Birthday Problem: Assume a hash function H that pretty much randomly maps an integer input to an integer output. Suppose the number of output values for H is k. Pick n input integers randomly. How large should n be so that the probability that at least one pair of input integers map to the same output is 1/2? Answer: Pr(some pair of inputs map to the same number) > ½ if n > √ 2k For k=365 days, n = 27

9 Hashing (Message Digest)............ Secret The little brown fox jumped over the lazy dog's back

10 Hashing (Message Digest)............ The little brown fox jumped over the lazy dog's back

11 Hashing (Message Digest)............ The little brown fox jumped over the lazy dog's back

12 Hashing (Message Digest)............ The little brown fox jumped over the lazy dog's back

13 Hashing (Message Digest)............ The little brown fox jumped over the lazy dog's back

14 Hashing (Message Digest)............ The little brown fox jumped over the lazy dog's back

15 Hashing (Message Digest)............ The little brown fox jumped over the lazy dog's back Output

16 Hashing (Message Digest) Java: class SecureRandom – produces a cryptographically secure random number class MessageDigest – produces a hash of a number of bytes depending on the algorithm used (SHA, MD5, etc.) Cryptographically secure random number: 1. Given the first k bits of a CSPRN there is no efficient algorithm that will predict with probability better than 1/2 what the next bit will be 2. If information about a state of the computation is revealed at some point, it should be infeasible to produce the output bits that has been produced up to that point. If someone indexes into a published random sequence of bits – this point is violated.

17 Hashing - Authentication........................ S S Client Server

18 Hashing - Authentication........................ S S Client Challenge R Server

19 Hashing - Authentication........................ S S Client Hash(S | R) Server

20 Hashing - Authentication........................ S S Client Check Hash(S | R)? Server

21 Hashing - Authentication........................ S S Client Challenge P Server

22 Hashing - Authentication........................ S S Client Hash(S | P) Server

23 Hashing - Authentication........................ S S Client Check Hash(S | P)? Server

24 Hashing - Message Integrity Try same as authentication except concatenate the message with the secret and pad (send Hash(S | M)).

25 Hashing - Message Integrity Try same as authentication except concatenate the message with the secret and pad (send Hash(S | M)). Unfortunately, attacker can append a message since s/he knows Hash(S | M) and the Hash algorithm.

26 Hashing - Message Integrity Try same as authentication except concatenate the message with the secret and pad (send Hash(S | M)). Unfortunately, attacker can append a message since s/he knows Hash(S | M) and the Hash algorithm. Try Hash(M | S). But then if the digest for two messages is the same, the MAC for both messages is the same – doesn't smell right.

27 Hashing - Message Integrity Try same as authentication except concatenate the message with the secret and pad (send Hash(S | M)). Unfortunately, attacker can append a message since s/he knows Hash(S | M) and the Hash algorithm. Try Hash(M | S). But then if the digest for two messages is the same, the MAC for both messages is the same – doesn't smell right. Try using only ½ of the bits of the digest – then attacker cannot append a message so easily – but the digest should be longer to compensate.

28 Hashing - Message Integrity Try same as authentication except concatenate the message with the secret and pad (send Hash(S | M)). Unfortunately, attacker can append a message since s/he knows Hash(S | M) and the Hash algorithm. Try Hash(M | S). But then if the digest for two messages is the same, the MAC for both messages is the same – doesn't smell right. Try using only ½ of the bits of the digest – then attacker cannot append a message so easily – but the digest should be longer to compensate. Try Hash(S | M | S).

29 Hashing - Message Integrity Try same as authentication except concatenate the message with the secret and pad (send Hash(S | M)). Unfortunately, attacker can append a message since s/he knows Hash(S | M) and the Hash algorithm. Try Hash(M | S). But then if the digest for two messages is the same, the MAC for both messages is the same – doesn't smell right. Try using only ½ of the bits of the digest – then attacker cannot append a message so easily – but the digest should be longer to compensate. Try Hash(S | M | S). HMAC, the winner: 1. Concatenate secret to front of message 2. Take the hash 3. Concatenate the secret to the front of the hash 4. Take the hash : Hash(S 1 | Hash(S 2 | M)) where S 1 and S 2 are derived from S

30 Hashing - Message Integrity HMAC, the winner: 1. Concatenate secret to front of message 2. Take the hash 3. Concatenate the secret to the front of the hash 4. Take the hash : Hash(S 1 | Hash(S 2 | M)) S 1 = S ⊕ constant 1, S 2 = S ⊕ constant 2 Reason: It has been shown that HMAC has the following properties: 1. It is infeasible to find two inputs that yield the same output 2. An attacker that does not know S cannot compute the proper digest involving S and M even if the attacker knows the digest involving S and M i for any M i such that M i is not the same as M Provided: the underlying hash function is secure (has the same properties)

31 Hashing - Encryption............ Secret The little brown fox jumped over the lazy dog's back Initialization Vector To receiver ⊕

32 Hashing - Encryption............ Secret The little brown fox jumped over the lazy dog's back ⊕

33 Hashing - Encryption............ Secret The little brown fox jumped over the lazy dog's back To receiver ⊕

34 Hashing - Encryption............ Secret The little brown fox jumped over the lazy dog's back ⊕

35 Hashing - Encryption............ Secret The little brown fox jumped over the lazy dog's back ⊕ To receiver

Download ppt "Hashing (Message Digest). ............ ............ Hello There Hashing (Message Digest)"

Similar presentations

Lecture 5: Cryptographic Hashes

Lecture 5: Cryptographic Hashes
Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
1 Chapter 5 Hashes and Message Digests Instructor: 孫宏民 Room: EECS 6402, Tel:03-5742968, Fax : 886-3-572-3694.

1 Chapter 5 Hashes and Message Digests Instructor: 孫宏民 Room: EECS 6402, Tel: , Fax :
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.

Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)

Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)
Hashing (Message Digest). ............ ............ Hello There.

Hashing (Message Digest) Hello There.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Csci5233 Computer Security1 GS: Chapter 6 Using Java Cryptography for Authentication.

Csci5233 Computer Security1 GS: Chapter 6 Using Java Cryptography for Authentication.
Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.

Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.
Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.

Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester 2008-2009 ITGD 2202 University of Palestine.

Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.

Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.

Similar presentations

Ads by Google