Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptographic Hash Functions

Published byAbigayle Shaw Modified over 6 years ago

Similar presentations

Presentation on theme: "Cryptographic Hash Functions"— Presentation transcript:

1 Cryptographic Hash Functions
Dr. X Slides from Dr. William Enck, NCSI

2 Hash Functions Hash function h: deterministic one-way function that takes as input an arbitrary message M (sometimes called a preimage) and returns as output h(M), a small fixed length hash (sometimes called a digest) Hash functions should have the following two properties: compression: reduces arbitrary length string to fixed length hash ease of computation: given message M, h(M) is easy to compute openssl speed sha

3 Why are hashes useful? Message authentication codes (MACs):
e.g.: MACK(M) = h(K|M) (but don't do this, use HMAC instead) Modification detection codes: detect modification of data any change in data will cause change in hash

4 Hash functions Prof. Pedantic proposes the following hash function, arguing that it offers both compression and ease of computation. h(M) = 0 if the number of 0s in M is divisible by 3 h(M) = 1 otherwise Why is this a lousy crypto hash function?

5 Cryptographic Hash Functions
Properties of good cryptographic hash functions: preimage resistance: given digest y, computationally infeasible to find preimage x' such that h(x')=y (also called “one-way property”) 2nd-preimage resistance: given preimage x, computationally infeasible to find preimage x' such that h(x)=h(x') (also called “weak collision resistance”) collision resistance: computationally infeasible to find preimages i,j such that h(i)=h(j) (also called “strong collision resistance”)

6 In other words A good cryptographic hash function has the following properties: it is deterministic so the same message always results in the same hash it is quick to compute the hash value for any given message it is infeasible to generate a message from its hash value except by trying all possible messages a small change to a message should change the hash value so extensively that the new hash value appears uncorrelated with the old hash value it is infeasible to find two different messages with the same hash value (from

7 Birthday Attack Birthday Paradox: chances that 2+ people share birthday in group of 23 is > 50%. General formulation function f() whose output is uniformly distributed over H possible outputs Number of experiments Q(H) until we find a collision is approximately

8 Practical Implications
Why is this relevant to hash sizes? Choosing two messages that have the same hash h(x) = h(x’) is more practical than you might think.

9 Some cryptographic hash functions
MD5 (128-bit digest) [don’t use this] SHA-1 (160-bit digest) [stop using this*] SHA-256 (256-bit digest) SHA-512 (512-bit digest) SHA-3 [recent competition winner]

10 General Structure of a Hash

11 Comparison of SHA parameters

12 SHA-512

13 SHA-512 function

Download ppt "Cryptographic Hash Functions"

Similar presentations

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
CS470, A.SelcukHash Functions1 Cryptographic Hash Functions CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukHash Functions1 Cryptographic Hash Functions CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Hash Functions Nathanael Paul Oct. 9, 2002. Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)

Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
CS526Topic 5: Hash Functions and Message Authentication 1 Computer Security CS 526 Topic 5 Cryptography: Cryptographic Hash Functions And Message Authentication.

CS526Topic 5: Hash Functions and Message Authentication 1 Computer Security CS 526 Topic 5 Cryptography: Cryptographic Hash Functions And Message Authentication.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.

1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.

Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.
Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.

Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.
Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.

Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.
1 Chapter 11: Message Authentication and Hash Functions Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

1 Chapter 11: Message Authentication and Hash Functions Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,
Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.

Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.
Message Authentication Code July 2011. Message Authentication Problem  Message Authentication is concerned with:  protecting the integrity of a message.

Message Authentication Code July Message Authentication Problem  Message Authentication is concerned with:  protecting the integrity of a message.
Brand-New Hash Function   BeeM A. Satoh SCIS2006 SHA-1 Broken! Prof. Xiaoyun Wang.

Brand-New Hash Function   BeeM A. Satoh SCIS2006 SHA-1 Broken! Prof. Xiaoyun Wang.
CSCI 172/283 Fall 2010 Hash Functions, HMACs, and Digital Signatures.

CSCI 172/283 Fall 2010 Hash Functions, HMACs, and Digital Signatures.
1 Hash Functions. 2 A hash function h takes as input a message of arbitrary length and produces as output a message digest of fixed length. 010 0 00111.

1 Hash Functions. 2 A hash function h takes as input a message of arbitrary length and produces as output a message digest of fixed length

Similar presentations

Ads by Google