Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptographic Hash Pointers

Published byGwen Walsh Modified over 6 years ago

Similar presentations

Presentation on theme: "Cryptographic Hash Pointers"— Presentation transcript:

1 Cryptographic Hash Pointers
By, Robert Chrystie CS532 – Cryptography and Data Security

2 Introduction A cryptographic hash pointer is a pointer to some data and also a hash of that data. The main difference between a pointer and a hash pointer is a hash pointer gives you a way to retrieve the data along with the hash (aka digest) of the data. This can be used to verify the data’s integrity. Any acyclic data structure that uses pointers can instead use hash pointers. It must be acyclic because if there are cycles we wont be able to make all the hashes match up. We need an end so we can work our way back to the root hash. The two most common data structures that use hash pointers are block chains and Merkle trees. In order to create a cryptographic hash pointer, we need a hash function that is cryptographically secure.

3 Cryptographic Hash Functions
Cryptographic hash functions can take any length string and produce a fixed length hash. Hash functions must be efficiently computable and be able to withstand all known types of cryptanalytic attacks. Cryptographic hash functions must contain the following properties in order to be secure: They are collision-free meaning it is infeasible for someone to find two different messages whose hash's are the same. They must preserve the integrity of the message meaning it’s infeasible to modify a message without changing the hash. They must be one-way meaning it’s infeasible to generate the original message from it’s hash.

4 Cryptographic Hash Functions
There are only a few cryptographic hash functions that are approved by the National Institute of Standards and Technology (NIST) SHA-1 SHA-2 family of hash algorithms (224, 256, 384, 512, 512/224, and 512/256) SHA-3 family of hash algorithms (224, 256, 384, and 512) Although SHA-1 is on the list of approved algorithms, it should not be used for new application development and should be upgraded to SHA-2. SHA-1 is considered insecure against well-funded attackers. SHA-256 (member of the SHA-2 family) is the most popular and widely used cryptographic hash function.

5 Hash Pointer Data Structures: The Block Chain
A block chain is a linked list that is built using hash pointers. This data structure is useful to develop a tamper evident list meaning if someone tampers with data anywhere in the chain we can detect that it happened because each block contains a hash of the previous block all the way back to the head of the block chain, which is called the genesis block. The genesis block, which is a hash, MUST be kept in a secure location where no one can alter it. If this block can be altered, we lose the tamper detection. The block chain was exclusively developed for Bitcoin by Satoshi Nakamoto. Bitcoin uses the block chain as a tamper evident log of all the transactions made on the Bitcoin system. Once thing to note here is that once a block has been committed to the chain it can never change or else it would ruin the integrity of the chain. The concept of the block chain can be useful for applications other then Bitcoin. We can use the block chain for any linked list that we need to preserve its integrity. One possible application can be medical logs.

6 Hash Pointer Data Structures: The Block Chain
Genesis Block (Hash) H(Prev Block) H(Prev Block) H(Prev Block) H(Prev Block) Data Data Data Data

7 Hash Pointer Data Structures: Merkle Tree
A Merkle tree is a binary tree that uses hash pointers. The Merkle tree was developed by Ralph Merkle in 1979. The Merkle tree is a tree of hashes where the leaves are hash pointers to data blocks that reside in a file(s) or database. Nodes further up the tree are comprised of the hashes of their children. The top of the Merkle tree is called the top hash. The top hash must be stored in a secure location to preserve the integrity of the tree just like the block chain. Merkle trees are used in many different trusted computing systems which include file systems (IPFS and ZFS), peer-to-peer networks (BitTorrent), Git, and a number of NoSQL databases. A leaf node in a Merkle tree can be verified by following its parents up to the top hash. This makes the verification O(log(n)) where the verification for the block chain was O(n).

8 Hash Pointer Data Structures: Merkle Tree

9 Hash Pointer Data Structures at Work: Tamper-evident Medical Log - MedLog
For this project I took the idea of a block chain and created a tamper-evident medical log. I call it MedLog. I chose to roll my own block chain to learn and also all block chain libraries are solely based on Bitcoin and distributed consensus systems. For the hashing function, I chose to use SHA-256. The simple GUI allows the user to enter in a note for the patient, blood pressure, and weight and then store it to the log. The GUI will also load the log into a list view and mark any entries that are modified in red and inform the user.

10 MedLog in Action The image above is the log loaded with no tampering detected.

11 MedLog in Action The image above shows the log file. The top log has a hash pointer to the genesis block. The last line has a hash of the last log. I call this the tail hash. This is necessary so if the Last log was tampered we can detect it.

12 MedLog in Action I will modify the underlined note from “The patient is feeling much better today.” to “The patient has passed away.”

13 MedLog in Action The image above shows the MedLog GUI informing the user that there has been tampering detected in the log and has highlighted the exact line that was tampered.

14 MedLog Next Steps MedLog was an interesting idea that I plan on expanding. For this project I did not get to polish it all the way. I would like to make the tamper evident logger more generic so it can be used for many different applications. I would like to explore the idea of using a Merkle tree instead for performance reasons. I would like to use a database instead of a file for the storage. A feature I would like to add is backing up and restoring the log when the logger realizes it has been tampered.

15 References Narayanan, A., Bonneau, J., Felten, E., Miller, A., & Goldfeder, S. (n.d.). Bitcoin and Cryptocurrency Technologies.

16 References Katz, J., & Lindell, Y. “Introduction to modern cryptography”. Boca Raton: Chapman & Hall/CRC. sha1

Download ppt "Cryptographic Hash Pointers"

Similar presentations

Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
MD5 Summary and Computer Examination Process Introduction to Computer Forensics.

MD5 Summary and Computer Examination Process Introduction to Computer Forensics.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.

Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.
Cryptography, Authentication and Digital Signatures

Cryptography, Authentication and Digital Signatures
Created on 29/10/2008yahaya.wordpress.com1 Trees Another common nonlinear data structure is the tree. We have already seen an example of a tree when we.

Created on 29/10/2008yahaya.wordpress.com1 Trees Another common nonlinear data structure is the tree. We have already seen an example of a tree when we.
1 Bitcoin A Digital Currency. Functions of Money.

1 Bitcoin A Digital Currency. Functions of Money.
Reliability and Recovery CS 537 - Introduction to Operating Systems.

Reliability and Recovery CS Introduction to Operating Systems.
MD5 Summary and Computer Examination Process Introduction to Computer Forensics.

MD5 Summary and Computer Examination Process Introduction to Computer Forensics.
Indexing and hashing Azita Keshmiri CS 157B. Basic concept An index for a file in a database system works the same way as the index in text book. For.

Indexing and hashing Azita Keshmiri CS 157B. Basic concept An index for a file in a database system works the same way as the index in text book. For.
Lecture 2: Introduction to Cryptography

Lecture 2: Introduction to Cryptography
Week 4 - Friday.  What did we talk about last time?  Snow day  But you should have read about  Key management.

Week 4 - Friday.  What did we talk about last time?  Snow day  But you should have read about  Key management.
Marwan Al-Namari Hassan Al-Mathami. Indexing What is Indexing? Indexing is a mechanisms. Why we need to use Indexing? We used indexing to speed up access.

Marwan Al-Namari Hassan Al-Mathami. Indexing What is Indexing? Indexing is a mechanisms. Why we need to use Indexing? We used indexing to speed up access.
Cryptographic Hash Functions

Cryptographic Hash Functions

Similar presentations

Ads by Google